In this post you will learn Introduction to AWS Identity and Access Management Coursera Answer

Week 1 Quiz

1.
Question 1
Which of the following best defines authentication?

1 point

The process of verifying a user’s permissions.

The validation of a user’s identity and verification of their permissions

The process of protecting your personal information as data is transferred

The process of validating a user’s identity.

2.
Question 2
Which of the following is a true about IAM roles?

1 point

You should rarely use roles as an authentication method.

IAM roles are considered long-term credentials.

Roles are associated with a specific person or machine.

Roles are assumed by users and services when they need short term credentials.

3.
Question 3
True or false: Amazon EC2 instances are virtual servers that can be resized on demand.

1 point

True

False

4.
Question 4
Which is NOT one of the 4 prompts you see when configuring the AWS Command Line Interface?

1 point

AWS Access Key ID

Default output format

Default Region name

Default Availability Zone

AWS Secret Access Key

5.
Question 5
What is the maximum bucket size of Amazon Simple Storage Service?

1 point

5GB

50GB

5TB

500TB

Unlimited

6.
Question 6
What is the term for an external user trusted in AWS through identity federation?

1 point

Outside identity

External user

Federated identity

Federated external

7.
Question 7
AWS Identity and Access Management policies are used to define permissions for what kind of operation methods?

1 point

API calls made through an SDK

AWS Command Line Interface

AWS Management Console operations

All of the above

 

Week 2 Quiz

 

1.
Question 1
You create a policy that only allows a user to access Amazon S3. The user tries to access Amazon EC2. What happens?

1 point

The user is implicitly allowed access to Amazon EC2.

The user is explicitly allowed access to Amazon EC2.

The user is explicitly denied access to Amazon EC2.

The user is implicitly denied access to Amazon EC2.

2.
Question 2
Which of the following can you use to create an IAM policy?

1 point

IAM console visual editor.

The AWS policy generator.

Creating the JSON using the AWS documentation and a code editor.

All the above.

3.
Question 3
True or False: An AWS account is an isolated container for your resources, with independent billing, user identities, and policies.

1 point

True

False

4.
Question 4
In the formatting for an Amazon Resource Name, what is always in the first section?

1 point

s3

arn

ec2

aws

5.
Question 5
What is one example of a resource-based policy?

1 point

Group policy

Inline policy

User policy

 

Amazon S3 bucket policy

6.
Question 6
What is a unique quality of an inline policy in AWS Identity and Access Management?

1 point

Can be attached to resources and accounts

Can be attached to both identities and resources

One-to-one relationship with attached identity

Reusable – can be attached to multiple identities

7.
Question 7
What do the letters E-PARC refer to in a policy?

1 point

Element, Partition, Allowable, Refusal, Conclusion

Effect, Principal, Action, Resource, Condition

Effect, Principal, Allowable, Refusal, Conclusion

Element, Principal, Allowable, Refusal, Condition

 

 

Week 3 Quiz

 

1.
Question 1
You make an API call using the AWS Command Line Interface (CLI) to request credentials from AWS Security Token Service (AWS STS). Which of the following elements is needed to make this API call?

1 point

The service IAM

Policy Name

User ARN

Role Session Name

2.
Question 2
When you create a role, which of the following are considered trusted entities?

1 point

IAM users within the same account

IAM users in a different account

AWS services, such as Amazon EC2

All of the above

3.
Question 3
True or false: When you assume a role, you take on the permission set of the role in addition to your original permission set.

1 point

True

False

4.
Question 4
A company has three AWS accounts, named Account A, Account B, and Account C. The company needs to allow an employee in Account A access to resources in Account B. Which IAM identity should they use?

1 point

IAM user

IAM corporate directory

IAM group

IAM role

5.
Question 5
True or false: A role trust policy specifies which resources an identity can access, while a permissions policy defines who is allowed to assume a role.

1 point

True

False

6.
Question 6
Which of the following best defines instance profiles?

1 point

An encrypted message that EC2 instances provide for easy troubleshooting.

A snapshot of the instance configuration that shows instance details at a glance.

A method of securing network traffic in and out of the EC2 instance.

A container for a role that can provide the role’s temporary credentials to an application that runs on the instance.

7.
Question 7
By default, who can assume a service-linked role?

1 point

The service itself

The root user

File type storage services

IAM users and external identities

 

 

Week 4 Quiz

 

1.
Question 1
Which of the following is an IAM best practice?

1 point

Start with a permissive policy and restrict as necessary.

Limit the root account with restrictive IAM policies.

Remove old credentials.

Use users and groups when possible.

2.
Question 2
True or false: AWS SSO eliminates the need to sign in to each AWS account individually to get temporary credentials.

1 point

True

False

3.
Question 3
A user makes an API call to Amazon EC2. You want to find out when this API call occurred. Which service will enable you to figure this out?

1 point

Amazon EC2

Amazon CloudWatch

AWS CloudTrail

Amazon S3

4.
Question 4
True or false: If you fail to create an S3 bucket due to unauthorized access, Amazon S3 gives you
an encoded message that you can decode using an AWS STS API call.

1 point

True

False

5.
Question 5
What is necessary for you to access the IAM Policy Simulator?

1 point

Configure the root user

Enable permissions on the Amazon S3 bucket

Signing-in to your AWS Account

Connected to the internal network

 

 

Final Assessment

 

1.
Question 1
What do ALL users created through AWS Identity and Access Management have?

1 point

Username and encryption key

Name and credentials

Username and password

Access Key and Secret Access Key

2.
Question 2
What are tags?

1 point

Storage resources

Functions

Compute resources

Metadata

3.
Question 3
How is the principal element in a policy identified?

1 point

Instance Id

ARN

Account number

Bucket name

4.
Question 4
Which of the following best defines what a service provider (SP) does?

1 point

Authenticating users.

Managing security of your network traffic.

Controlling access to resources.

Enabling single sign on access.

5.
Question 5
True or false: The assume policy specifies which trusted account members, or principals, are allowed to assume the role.

1 point

True

False

6.
Question 6
What is AWS Lambda?

1 point

Policy tool for creating and testing policies

Storage resource providing unlimited storage in AWS

Compute service that lets you run code without provisioning servers

Custom resource metadata providing security and organization within your account

7.
Question 7
Which of the following best defines authentication?

1 point

The validation of a user’s identity and verification of their permissions.

The process of validating a user’s identity.

The process of protecting your personal information as data is transferred.

The process of verifying a user’s permissions.

8.
Question 8
Which of the following is a true about IAM roles?

1 point

Roles are associated with a specific person or machine.

Roles are assumed by users and services when they need short term credentials.

IAM roles are considered long-term credentials.

You should rarely use roles as an authentication method.

9.
Question 9
What is a unique quality of an inline policy in AWS Identity and Access Management?

1 point

Can be attached to resources and accounts

Can be attached to both identities and resources

Reusable – can be attached to multiple identities

One-to-one relationship with attached identity

10.
Question 10
What do the letters E-PARC refer to in a policy?

1 point

Effect, Principal, Action, Resource, Condition

Element, Partition, Allowable, Refusal, Conclusion

Effect, Principal, Allowable, Refusal, Conclusion

Element, Principal, Allowable, Refusal, Condition

11.
Question 11
You make an API call using the AWS Command Line Interface (CLI) to request credentials from AWS Security Token Service (AWS STS). Which of the following elements is needed to make this API call?

1 point

User ARN

Policy Name

The service IAM

Role Session Name

12.
Question 12
When you create a role, which of the following are considered trusted entities?

1 point

IAM users within the same account

IAM users in a different account

AWS services, such as Amazon EC2

All of the above

13.
Question 13
A user makes an API call to Amazon EC2. You want to find out when this API call occurred. Which service will enable you to figure this out?

1 point

Amazon S3

Amazon EC2

Amazon CloudWatch

AWS CloudTrail

14.
Question 14
True or false: If you fail to create an S3 bucket due to unauthorized access, Amazon S3 gives you
an encoded message that you can decode using an AWS STS API call.

1 point

True

False

15.
Question 15
What is necessary for you to access the IAM Policy Simulator?

1 point

Connected to the internal network

Configure the root user

Signing-in to your AWS Account

Enable permissions on the Amazon S3 bucket

 

 

Important Links:

 

 

 

Trustpilot