AWS Certified Cloud Practitioner Certification practice questions
You are here because you have made your mind to get certified as AWS Certified Cloud Practitioner. Be a pro in AWS or a beginner, some preparation or brushing up your knowledge is always inevitable. You have reached the correct place then. No more talks, no more stories. Let’s get started.
Tip:- Don’t check the answer at first. Try to answer yourself, if failed go through the answer or read more about the topic. We will be going topic wise.
IAM — Identity and Access Management
1. Is IAM service region-specific?
a) True
b) False
Ans) False
2. What is a proper definition of IAM Roles?
a) An IAM that defines a set of permissions for making AWS service requests, that will be used by AWS services.
b) IAM User groups
c) Authentication policy
d) AWS service used for identifying users.
Ans) a
3. What are the different AWS IAM categories that you can control?
a) Using AWS IAM, you can do the following:
b) Create and manage IAM users
c) Create and manage IAM groups
d) Manage the security credentials of the users
e) Create and manage policies to grant access to AWS services and resources
f) All of the above
Ans) f
4. What is the difference between an IAM role and an IAM user?
The two key differences between the IAM role and IAM user are:
a) An IAM role is an IAM entity that defines a set of permissions for making AWS service requests, while an IAM user has permanent long-term credentials and is used to interact with the AWS services directly.
b) In the IAM role, trusted entities, like IAM users, applications, or an AWS service, assume roles whereas the IAM user has full access to all the AWS IAM functionalities.
5. You are the system administrator in your company, which is running most of its infrastructure on AWS. You are required to track your users and keep tabs on how they are being authenticated. You wish to create and manage AWS users and use permissions to allow and deny their access to AWS resources. Which of the following services suits you best?
a) AWS EC2
b) VPC
c) Route 53
d) AWS IAM
Ans) AWS IAM
6. Which of the following points are correct related to IAM ?
a) You can define users and groups which can be given selective access to resources.
b) Access to specific resources can be segregated as Policies which can be applied to a set of users or resources.
c) You can have users who have passwords stored elsewhere to log into AWS.
d) IAM supports the processing, storage, and transmission of credit card data by a merchant or service provider. This is a measure which is compliant with Payment Card Industry (PCI) Data Security Standard (DSS).
e) There is no additional charge with using IAM.
f) It is possible to have password policies in IAM. So you can define a password rotation policy in IAM for users. This is in alignment with the worldwide security standards.
g) IAM has a policy simulator which can help you test and validate policies.
h) One can log all IAM users’ actions via the Cloud Trail service.
i) All of the above
Ans) i
7. Which answer is INCORRECT regarding IAM Users?
a) IAM users can belong to multiple groups
b) IAM users don’t have to belong to a group
c) IAM users can have policies assigned to them
d) IAM users access AWS with root account credentials
Ans) d
8. Which of the following is an IAM best practice?
a) Don’t use the root user account
b) Create several users for a physical person
c) Share credentials so a colleague can perform a task for you
d) Don’t enable MFA
Ans) a
9. What are IAM Policies?
a) JSON documents to define Users, Groups or Role’s permission
b) AWS actions
Ans) a
10. Under the shared responsibility model, what is the customer responsible for in IAM?
a) Infrastructure security
b) Compliance validation
c) Configuration and vulnerability analysis
d) Assigning users proper IAM policies
Ans) d
11. Which principle should you apply regarding IAM Permissions?
a) Grant most privilege
b) Grant least privilege
c) Grant permission if your employee asks you to
d) Restrict root account permission
Ans) b
12. What should you do to increase your root account security?
a) Enable Multi-Factor Authentication (MFA)
b) Remove permission from root account
c) Use AWS only through the CLI
Ans) a
13. Which of the following is an IAM Security Tool?
a) IAM credential report
b) IAM root account manager
c) IAM services report
d) IAM security advisor
Ans) d
Under progress….
