Module 8 Knowledge Check

 Module 8 Knowledge Check

Module 8 Knowledge Check

1. Which statement describes AWS Identity and Access Management (IAM) users?

Every IAM user for an account must have a unique name

Explanation: IAM usernames only need to be unique within an account

2. How can you grant the same level of permissions to multiple users within an account?

Apply an AWS IAM policy to IAM group

Explanation: By defining the permissions in an IAM policy and putting the users in a group, you can set the same level of permissions to all users in that group.

3. Which statements describe AWS IAM roles?

- They can be assumed by individuals, apps, and services

- They can provide temporary security credentials

Explanation: IAM roles only provide credentials after the individual, apps, or service has assumed the role.

4. Which statement describes a resource-based policy?

It is always an inline policy

Explanation: Inline policies are embedded directly into a single user, group, role, or resource.

5. How does AWS IAM evaluate a policy?

It checks for explicit deny statements before it checks for explicit allow statements

Explanation: IAM checks for explicit deny statements before it checks for explicit allow statements

6. A team of developers need access to several services and resource in a VPC for 9 months. How can you use AWS IAM to enable access for them?

Create an IAM user for each developer, put them al in an IAM group, and attach the required IAM policies to the IAM group.

Explanation: Attaching policies to groups applies the same access rules to all members of the group. It also automatically applies the access rules to new users that are added to the group and removes those access rules from users that are removed from the group.

7. How does identity federation increase security for an application that is built in AWS?

Users can use SSO to access the application through an existing authenticated identity.

Explanation: Authenticating users through a trusted identity broker and store eliminates the need to create, manage, and secure user accounts for the application within the application itself or in AWS.

8. Which services can you use to enable identity federation for your applications that are built in AWS?

AWS Security Token Service (STS) and Amazon Cognito

Explanation: AWS STS enable you to request temporary limited privilege credentials for users. Amazon Cognito enables you to add user sign-up, sign-in, and access control to your web and mobile applications. It supports identity federation with social identity providers.

9. What service helps you centrally manage billing, control access, compliance and security, and share resources across multiple AWS accounts?

AWS Organizations

Explanation: Using AWS Organizations, you can automate account creation, create group of account to reflect your business needs, and apply policies for these groups for governance. You can also simplify billing by setting up a single payment method for all of your AWS account.

10. A technology company employees log in to their AWS account through AWS IAM users. They have administrator access and access to the root users. Which resource can prevent them from deleting AWS CloudTrail logs?

A service control policy (SCP) that is attached to the organizational Unit (OU)

Explanation: In AWS Organizations, applying an SCP to the OU can prevent employees from deleting the logs. The SCP cannot be overridden by any user (including root user) of the AWS accounts in the OU.

Module 7 Knowledge Check

Akhir kata :

Terimakasih sudah membaca artikel Module 8 Knowledge Check semoga artikel yang kalian baca dapat bermanfaat buat kita semua, apabila ada yang ditanyakan silahkan komen saja dibawah kolom ya. Biar kita sharing-sharing tentang apa yang kita tahu, apabila ada kata atau bahasa yang salah tulis mohon dimaafkan. Jangan lupa juga kunjungi tutorial-tutorial lainnya di blog ini. Terimakasih sampai jumpa di artikel selanjutnya. semoga suka dengan Elden Ring Cheat Table  Game fantastis ini.

Masih Banyak sekali trik dan tips Untuk Apliaksi yang bisa kamu coba. Selengkapnya cek di Situs Lutfin.com di bagian Tips dan Trik masukan kata kunci yang kamu inginkan.

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel