Module 6
-
An authentication process that provides an extra layer of protection for your AWS account
-
A document that grants or denies permissions to AWS services and resources
-
An identity that you can assume to gain temporary access to permissions
-
The identity that is established when you first create an AWS account
Q2. An employee requires temporary access to create several Amazon S3 buckets. Which option would be the best choice for this task?
-
AWS account root user
-
IAM group
-
IAM role
-
Service control policy (SCP)
-
Adding an IAM user into at least one IAM group
-
Checking a packet’s permissions against an access control list
-
Granting only the permissions that are needed to perform specific tasks
-
Performing a denial of service attack that originates from at least one device
Q4. Which service helps protect your applications against distributed denial-of-service (DDoS) attacks?
-
Amazon GuardDuty
-
Amazon Inspector
-
AWS Artifact
-
AWS Shield
-
Configure multi-factor authentication (MFA).
-
Update the AWS account root user password.
-
Create cryptographic keys.
-
Assign permissions to users and groups.