Tim Urista
Test por , creado hace más de 1 año

Ch6 of aws associate exam

365
0
0
Tim Urista
Creado por Tim Urista hace más de 6 años
Cerrar

Chapter 6 AWS

Pregunta 1 de 10

1

Which of the following methods will allow an application using an AWS SDK to be authenticated as a principal to access AWS Cloud services? (Choose 2 answers)

Selecciona una o más de las siguientes respuestas posibles:

  • Create an IAM user and store the user name and password for the user in the application’s configuration.

  • Create an IAM user and store both parts of the access key for the user in the application’s configuration.

  • Run the application on an Amazon EC2 instance with an assigned IAM role

  • Make all the API calls over an SSL connection.

Explicación

Pregunta 2 de 10

1

Which of the following are found in an IAM policy? (Choose 2 answers)

Selecciona una o más de las siguientes respuestas posibles:

  • Service Name

  • Region

  • Action

  • Password

Explicación

Pregunta 3 de 10

1

Your AWS account administrator left your company today. The administrator had access to the root user and a personal IAM administrator account. With these accounts, he generated other IAM accounts and keys. Which of the following should you do today to protect your AWS infrastructure? (Choose 4 answers)

Selecciona una o más de las siguientes respuestas posibles:

  • Change the password and add MFA to the root user.

  • Put an IP restriction on the root user.

  • Rotate keys and change passwords for IAM accounts.

  • Delete all IAM accounts.

  • Delete the administrator’s personal IAM account.

  • Relaunch all Amazon EC2 instances with new roles.

Explicación

Pregunta 4 de 10

1

Which of the following actions can be authorized by IAM? (Choose 2 answers)

Selecciona una o más de las siguientes respuestas posibles:

  • Installing ASP.NET on a Windows Server

  • Launching an Amazon Linux EC2 instance

  • Querying an Oracle database

  • Adding a message to an Amazon Simple Queue Service (Amazon SQS) queue

Explicación

Pregunta 5 de 10

1

Which of the following are IAM security features? (Choose 2 answers)

Selecciona una o más de las siguientes respuestas posibles:

  • Password policies

  • Amazon DynamoDB global secondary indexes

  • MFA

  • Consolidated Billing

Explicación

Pregunta 6 de 10

1

Which of the following are benefits of using Amazon EC2 roles? (Choose 2 answers)

Selecciona una o más de las siguientes respuestas posibles:

  • No policies are required.

  • Credentials do not need to be stored on the Amazon EC2 instance.

  • Key rotation is not necessary.

  • Integration with Active Directory is automatic.

Explicación

Pregunta 7 de 10

1

Which of the following are based on temporary security tokens? (Choose 2 answers)

Selecciona una o más de las siguientes respuestas posibles:

  • Amazon EC2 roles

  • MFA

  • Root user

  • Federation

Explicación

Pregunta 8 de 10

1

Your security team is very concerned about the vulnerability of the IAM administrator user accounts (the accounts used to configure all IAM features and accounts). What steps can be taken to lock down these accounts? (Choose 3 answers)

Selecciona una o más de las siguientes respuestas posibles:

  • Add multi-factor authentication (MFA) to the accounts.

  • Limit logins to a particular U.S. state.

  • Implement a password policy on the AWS account.

  • Apply a source IP address condition to the policy that only grants permissions when the user is on the corporate network.

  • Add a CAPTCHA test to the accounts.

Explicación

Pregunta 9 de 10

1

You want to grant the individuals on your network team the ability to fully manipulate Amazon EC2 instances. Which of the following accomplish this goal? (Choose 2 answers)

Selecciona una o más de las siguientes respuestas posibles:

  • Create a new policy allowing EC2:* actions, and name the policy NetworkTeam.

  • Assign the managed policy, EC2FullAccess, to a group named NetworkTeam, and assign all the team members’ IAM user accounts to that group.

  • Create a new policy that grants EC2:* actions on all resources, and assign that policy to each individual’s IAM user account on the network team.

  • Create a NetworkTeam IAM group, and have each team member log in to the AWS Management Console using the user name/password for the group.

Explicación

Pregunta 10 de 10

1

What is the format of an IAM policy?

Selecciona una de las siguientes respuestas posibles:

  • XML

  • Key/value pairs

  • JSON

  • Tab-delimited text

Explicación