AWS Academy Cloud Architecting Module 8 Answers

AWS Academy Cloud Architecting Module 4, AWS Academy Cloud Architecting Module 5, AWS Academy Cloud Architecting Module 6, AWS Academy Cloud Architecting Module 7, AWS Academy Cloud Architecting Module 8. AWS Academy Cloud Architecting Module 9, AWS Academy Cloud Architecting Module 10, AWS Academy Cloud Architecting Module 11, AWS Academy Cloud Architecting Module 12, AWS Academy Cloud Architecting Module 13, AWS Academy Cloud Architecting Module 14.

Which statement describes IAM users?

A. IAM users are used to control access to a specific AWS resource.
B. IAM user names can represent a collection of individuals.
C. Every IAM user for an account must have a unique name.
D. Every IAM user name is unique across AWS accounts.

Ans- C

How can you grant the same level of permissions to multiple users within an account?

A. Apply an AWS IAM policy to an IAM group.
B. Apply an AWS IAM policy to an IAM role.
C. Create a resource-based policy.
D. Create an organization in AWS Organizations

Ans – A

Related: Best Top 10 Google Interview Questions

Related: Best Top 10 Microsoft Interview Questions

Related: Best Top 10 Amazon Interview Questions

Which statements describe AWS IAM roles? (Select TWO)

A. They are uniquely associated to an individual.
B. They can only be used by accounts associated to the person who creates the role.
C. They can be assumed by individuals, applications or services.
D. They provide temporary security credentials
E. They provide permanent security credentials

Ans – C,D

Which statement describes a resource-based policy?

A. It can be applied to any AWS resource.
B. It can be an AWS managed policy.
C. It is attached to a user or group.
D. It is always an inline policy.

Ans – D

How does AWS IAM evaluate a policy?

A. It checks for explicit allow statements before it checks for explicit deny statements.
B. It checks for explicit deny statements before it checks for explicit allow statements.
C. If there is no explicit deny statement or explicit allow statement, users will have access by default.
D. An explicit deny statement does not override an explicit allow statement.

Ans – B

A team of developers needs access to several services and resources in a VPC for 9 months. How can you use AWS IAM to enable access for them?

A. Create a IAM user for the developer team and attach the required IAM policies.
B. Create a IAM user for each developer, and attach the required IAM policies to each IAM user.
C. Create a IAM user for each developer, put them all in an IAM group, and attach the required IAM policies to the IAM group.
D. Create a single IAM user for the developer team, place it in an IAM group, and attach the required IAM policies to the IAM group

Ans – C

How does identity federation increase security for an application that is built in AWS?

A. Users can use SSO to access the application through an existing authenticated identity.
B. The application can synchronize users’ user names and passwords in AWS IAM with their social media accounts.
C. The browser can establish a trust relationship with the application to bypass the need for MFA.
D. Users can log into their IAM accounts to log into on premises systems

Ans – A

Which services can you use to enable identity federation for your applications that are built in AWS? (Select TWO).

A. AWS WAF
B. AWS KMS
C. AWS STS
D. AWS CloudHSM
E. Amazon Cognito

Ans – B and possibly D?

What service helps you centrally manage billing; control access, compliance and security; and share resources across multiple AWS accounts?

A. AWS IAM
B. AWS Control Tower
C. AWS Organisations
D. AWS VPC peering

Ans – C or D

A technology company’s employees log into their AWS accounts through AWS IAM users. They have administrator access and access to the root users. Which resource can prevent them from deleting the AWS CloudTrail Logs

A. An IAM policy that is attached to each IAM user
B. A service control policy (SCP) that is attached to the OU
C. An Amazon S3 bucket policy that is attached to logging buckets
D. IAM users with administrative access can override the S3 bucket policies

Ans – B

Important Interview Questions

AMCAT Interview Questions

Cocubes Interview Questions

eLitmus Interview Questions

Leave a Comment

20 − eighteen =