Knowledge Check
AWS Cloud Security Quiz
Section titled “AWS Cloud Security Quiz”Question 1
Section titled “Question 1”In the shared responsibility model, AWS is responsible for providing what? (Select the best answer.)
- Security of the cloud ✓
- Security to the cloud
- Security for the cloud
- Security in the cloud
Question 2
Section titled “Question 2”In the shared responsibility model, which of the following are examples of “security in the cloud”? (Choose two)
- Compliance with compute security standards and regulations
- Physical security of the facilities in which the services operate
- Security group configurations ✓
- Encryption of data at rest and data in transit ✓
- Protecting the global infrastructure
Question 3
Section titled “Question 3”Which of the following is the responsibility of AWS under the AWS shared responsibility model? (Select the best answer)
- Configuring third-party applications
- Maintaining physical hardware ✓
- Security application access and data
- Managing custom Amazon Machine Images (AMIs)
Question 4
Section titled “Question 4”When creating an AWS Identity and Access Management (IAM) policy, what are the two types of access that can be granted to a user? (Choose two.)
- Institutional access
- Authorized access
- Programmatic access ✓
- AWS Management Console access ✓
- Administrative root access
Question 5
Section titled “Question 5”True or False? AWS Organizations enables you to consolidate multiple AWS accounts so that you centrally manage them.
- True ✓
- False
Question 6
Section titled “Question 6”Which of the following are best practices to secure your account using AWS Identity and Access Management (IAM)? (Choose two)
- Provide users with default administrative privileges.
- Leave unused and unnecessary users and credentials in place.
- Manage access to AWS resources ✓
- Avoid using IAM groups to grant the same access permissions to multiple users.
- Define fine-grained access rights. ✓
Question 7
Section titled “Question 7”Which of the following should be done by the AWS account root user? (Select the best answer.)
- Secure access for applications
- Integrate with other AWS services
- Change granular permissions
- Change the AWS support plan ✓
Question 8
Section titled “Question 8”After initial login, what does AWS recommend as the best practice for the AWS account root user? (Select the best answer.)
- Delete the AWS account root user
- Revoke all permissions on the AWS account root user
- Restrict permission on the AWS account root user
- Delete the access keys of the AWS account root user ✓
Question 9
Section titled “Question 9”How would a system administrator add an additional layer of login security to a user’s AWS Management Console? (Select the best answer.)
- Use Amazon Cloud Directory
- Audit AWS Identity and Access Management (IAM) roles
- Enable multi-factor authentication ✓
- Enable AWS CloudTrail
Question 10
Section titled “Question 10”True or False? AWS Key Management Service (AWS KMS) enables you to assess, audit, and evaluate the configurations of your AWS resources.
- True
- False ✓