AWS Academy Cloud Architecting Module 4, AWS Academy Cloud Architecting Module 5, AWS Academy Cloud Architecting Module 6, AWS Academy Cloud Architecting Module 7, AWS Academy Cloud Architecting Module 8. AWS Academy Cloud Architecting Module 9, AWS Academy Cloud Architecting Module 10, AWS Academy Cloud Architecting Module 11, AWS Academy Cloud Architecting Module 12, AWS Academy Cloud Architecting Module 13, AWS Academy Cloud Architecting Module 14.
Which statement describes IAM users?
A. IAM users are used to control access to a specific AWS resource.
B. IAM user names can represent a collection of individuals.
C. Every IAM user for an account must have a unique name.
D. Every IAM user name is unique across AWS accounts.
Ans- C
How can you grant the same level of permissions to multiple users within an account?
A. Apply an AWS IAM policy to an IAM group.
B. Apply an AWS IAM policy to an IAM role.
C. Create a resource-based policy.
D. Create an organization in AWS Organizations
Ans – A
Related: Best Top 10 Google Interview Questions
Related: Best Top 10 Microsoft Interview Questions
Related: Best Top 10 Amazon Interview Questions
Which statements describe AWS IAM roles? (Select TWO)
A. They are uniquely associated to an individual.
B. They can only be used by accounts associated to the person who creates the role.
C. They can be assumed by individuals, applications or services.
D. They provide temporary security credentials
E. They provide permanent security credentials
Ans – C,D
Which statement describes a resource-based policy?
A. It can be applied to any AWS resource.
B. It can be an AWS managed policy.
C. It is attached to a user or group.
D. It is always an inline policy.
Ans – D
How does AWS IAM evaluate a policy?
A. It checks for explicit allow statements before it checks for explicit deny statements.
B. It checks for explicit deny statements before it checks for explicit allow statements.
C. If there is no explicit deny statement or explicit allow statement, users will have access by default.
D. An explicit deny statement does not override an explicit allow statement.
Ans – B
A team of developers needs access to several services and resources in a VPC for 9 months. How can you use AWS IAM to enable access for them?
A. Create a IAM user for the developer team and attach the required IAM policies.
B. Create a IAM user for each developer, and attach the required IAM policies to each IAM user.
C. Create a IAM user for each developer, put them all in an IAM group, and attach the required IAM policies to the IAM group.
D. Create a single IAM user for the developer team, place it in an IAM group, and attach the required IAM policies to the IAM group
Ans – C
How does identity federation increase security for an application that is built in AWS?
A. Users can use SSO to access the application through an existing authenticated identity.
B. The application can synchronize users’ user names and passwords in AWS IAM with their social media accounts.
C. The browser can establish a trust relationship with the application to bypass the need for MFA.
D. Users can log into their IAM accounts to log into on premises systems
Ans – A
Which services can you use to enable identity federation for your applications that are built in AWS? (Select TWO).
A. AWS WAF
B. AWS KMS
C. AWS STS
D. AWS CloudHSM
E. Amazon Cognito
Ans – B and possibly D?
What service helps you centrally manage billing; control access, compliance and security; and share resources across multiple AWS accounts?
A. AWS IAM
B. AWS Control Tower
C. AWS Organisations
D. AWS VPC peering
Ans – C or D
A technology company’s employees log into their AWS accounts through AWS IAM users. They have administrator access and access to the root users. Which resource can prevent them from deleting the AWS CloudTrail Logs
A. An IAM policy that is attached to each IAM user
B. A service control policy (SCP) that is attached to the OU
C. An Amazon S3 bucket policy that is attached to logging buckets
D. IAM users with administrative access can override the S3 bucket policies
Ans – B
Contents
Important Interview Questions
- Top 100 Data Structures Interview Questions
- Top 100 DBMS Interview Questions
- Best Top 30 C Language Interview Questions
- Best Top 50 Data Structures Interview Questions
- Top 100 Operating System Interview Questions
- Top 100 Python Interview Questions
- Top 100 SQL Interview Questions
- Best Top 100 Computer Architecture | COA Interview Questions
- Top 100 Java Interview Questions
- Best Top 50 JAVA Interview Questions
- Salesforce Developer Interview Questions
- Salesforce Interview Questions | Intermediate to Advance
- Salesforce Admin Interview Questions
AMCAT Interview Questions
- AMCAT Technical Questions with Answers
- AMCAT Verbal Ability Questions with Answers
- AMCAT Logical Reasoning Questions and Answers
- AMCAT Quants Questions with Answer
Cocubes Interview Questions
- Cocubes Quant Questions
- Cocubes Logical Reasoning Questions
- Cocubes Verbal Ability Questions
- Cocubes Pseudo Code Questions
- Cocubes Coding Questions