NTC 302 Wk 2 – Practice: Knowledge Check – Cloud Security

NTC 302 Wk 2 – Practice: Knowledge Check – Cloud Security

Question 1

 

In the shared responsibility model, AWS is responsible for providing what?

 

 

 

Question 2

 

After initial login, what does AWS recommend as the best practice for the AWS account root user?

 

Restrict permission on the AWS account root user

Revoke all permissions on the AWS account root user

Delete the access keys of the AWS account root user

Delete the AWS account root user

 

 

Question 3

 

When creating an AWS Identity and Access Management (IAM) policy, what are the two types of access that can be granted to a user? (Choose two.)

 

Authorized access

AWS Management Console access

Administrative root access

Institutional access

Programmatic access

 

 

Question 4

 

How would a system administrator add an additional layer of login security to a user’s AWS Management Console?

 

Enable multi-factor authentication

 

Use Amazon Cloud Directory

Enable AWS CloudTrail

Audit AWS Identity and Access Management (IAM) roles

 

 

 

 

 

Question 5

 

AWS Organizations enables you to consolidate multiple AWS accounts so you centrally manage them.

 

 

Question 6

 

Which of the following are best practices to secure your account using AWS Identity and Access Management (IAM)? (Choose two.)

 

Avoid using IAM groups to grant the same access permissions to multiple users.

 

Leave unused and unnecessary users and credentials in place.

Manage access to AWS resources.

 

Define fine-grained access rights.

Provide users with default administrative privileges.

 

 

Question 7

 

 

Which of the following should be done by the AWS account root user?

 

Change granular permissions

 

Integrate with other AWS services

Secure access for applications

Change the AWS support plan

 

 

 

 

 

Question 8

Key Management Service (AWS KMS) enables you to assess, audit, and evaluate the configurations of your AWS resources.

 

Question 9

 

Which of the following is the responsibility of AWS under the AWS shared responsibility model?

 

 

Configuring third-party applications

 

Maintaining physical hardware

 

Managing custom Amazon Machine Images (AMIs)

 

Securing application access and data

Question 10

 

In the shared responsibility model, which of the following are examples of “security in the cloud”? (Choose two.)

 

Compliance with compute security standards and regulations

 

Protecting the global infrastructure

 

 

Physical security of the facilities in which the services operate

 

Security group configurations

 

Encryption of data at rest and data in transit