DevOps on AWS Specialization - AWS Cloud Technical Essentials - W1
Which of the following can be found in an AWS Identity and Access Management (IAM) policy? Effect Action Object A and B B and C
A and B
Question 6 What is a best practice when securing the AWS account root user? Activate AWS Identity and Access Management (IAM) access to the Billing and Cost Management console Use the root user for routine administrative tasks Change account settings Enable multi-factor authentication
Enable multi-factor authentication
Question 7 A solutions architect is consulting for a company. When users in the company authenticate to a corporate network, they want to be able to use AWS without needing to sign in again. Which AWS identity should the solutions architect recommend for this use case? IAM Role IAM Group AWS account root user AWS Identity and Access Management (IAM) user
IAM Role
Question 13 Which of the following provides temporary credentials (that expire after a defined period of time) to AWS services? Principle of least privilege IAM role Identity provider (IdP) AWS IAM Identity Center (successor to AWS Single Sign-On)
IAM role
Question 2 True or False: Every action a user takes in AWS is an API call. True False
True
Question 4 What is a benefit of cloud computing? Go global in minutes. Run and maintain your own data centers. Increase time-to-market. Overprovision for scale.
Go global in minutes.
Question 9 True or False: AWS Identity and Access Management (IAM) policies can restrict the actions of the AWS account root user. True False
False
What are the four main factors that a solutions architect should consider when they must choose a Region? Latency, high availability, taxes, and compliance Latency, price, service availability, and compliance Latency, taxes, speed, and compliance Latency, security, high availability, and resiliency
Latency, price, service availability, and compliance
Question 12 True or False: According to the AWS shared responsibility model, a customer is responsible for security in the cloud. True False
True
Question 10 According to the AWS shared responsibility model, which of the following is the responsibility of AWS? Controlling the operating system and application platform, as well as encrypting, protecting, and managing customer data. Managing customer data, encrypting that data, and protecting the data through network firewalls and backups. Managing the hardware, software, and networking components that run AWS services, such as the physical servers, host operating systems, virtualization layers, and AWS networking components. Managing customer data, encrypting that data, and protecting the data through client-side encryption.
Managing the hardware, software, and networking components that run AWS services, such as the physical servers, host operating systems, virtualization layers, and AWS networking components.
A user is hosting a solution on Amazon Elastic Compute Cloud (Amazon EC2). Which networking component is needed to create a private network for their AWS resources? Virtual private cloud (VPC) Instance Tags Amazon Machine Image (AMI)
Virtual private cloud (VPC)
Question 3 Which statement BEST describes the relationship between Regions, Availability Zones and data centers? Regions are clusters of Availability Zones. Availability Zones are clusters of data centers. Data centers are clusters of Regions. Regions are clusters of Availability Zones. Availability Zones are clusters of Regions. Regions are clusters of data centers. Data centers are cluster of Availability Zones. Regions are clusters of Availability Zones.
Regions are clusters of Availability Zones. Availability Zones are clusters of data centers.
Question 11 Which of the following is recommended if a company has a single AWS account, and multiple people who work with AWS services in that account? All people must use the root user to work with AWS services on a daily basis. The company should create an AWS Identity and Access Management (IAM) group, grant the group permissions to perform specific job functions, and assign users to a group, or use IAM roles. The company must create AWS Identity and Access Management (IAM) users, and grant users the permissions to perform specific job functions. The company must create an AWS Identity and Access Management (IAM) user and grant the user the permissions to access all AWS resources.
The company should create an AWS Identity and Access Management (IAM) group, grant the group permissions to perform specific job functions, and assign users to a group, or use IAM roles.
A company wants to manage AWS services by using the command line and automating them with scripts. What should the company use to accomplish this goal? AWS Management Console AWS Command Line Interface (AWS CLI) AWS SDKs AWS Management Console and AWS SDKs
WS Command Line Interface (AWS CLI)