Module 4 Knowledge Check questions with
complete solutions
In the shared responsibility model, AWS is responsible for providing what? (Select the
b b b b b b b b b b b b
bbest answer.) - answer-In the shared responsibility model, AWS is responsible for
b b b b b b b b b b b
bproviding security of the cloud. b b b b
In the shared responsibility model, which two of the following are examples of "security
b b b b b b b b b b b b b
bin the cloud" (Choose two.) - answer-"Encryption of data at rest and data in transit" and
b b b b b b b b b b b b b b b
b"Security group configurations" are examples of security in the cloud.
b b b b b b b b b
Which of the following is the responsibility of AWS under the AWS shared responsibility
b b b b b b b b b b b b b
model? (Select the best answer.) - answer-Maintaining physical hardware is the
b b b b b b b b b b b
responsibility of AWS under the shared responsibility model.
b b b b b b b b
When creating an AWS Identity and Access Management (IAM) policy, what are the two
b b b b b b b b b b b b b
types of access that can be granted to a user? (Choose two.) - answer-When creating
b b b b b b b b b b b b b b b
an IAM policy, a user can be granted AWS management console access and
b b b b b b b b b b b b b
programmatic access.
b b
True or False? AWS Organizations enables you to consolidate multiple AWS accounts
b b b b b b b b b b b
so that you centrally manage them. - answer-When creating an IAM policy, a user can
b b b b b b b b b b b b b b b
be granted AWS Management Console access and programmatic access.
b b b b b b b b b
Which of the following are best practices to secure your account using AWS Identity and
b b b b b b b b b b b b b b
Access Management (IAM)? (Choose two.) - answer-Managing access to AWS
b b b b b b b b b b
resources and defining fine-grained access rights are best practices when securing
b b b b b b b b b b b
accounts with AWS IAM.
b b b b
Which of the following should be done by the AWS account root user. - answer-
b b b b b b b b b b b b b b
Changing the AWS support plan can only be done by the AWS account root user. The
b b b b b b b b b b b b b b b
other tasks are done with IAM.
b b b b b b
After initial login, what does AWS recommend as best practice for the AWS account
b b b b b b b b b b b b b
root user? (Select the best answer.) - answer-After initial login, AWS recommends
b b b b b b b b b b b b
deleting the access keys of the AWS account root user as the best practice.
b b b b b b b b b b b b b b
How would the system administrator add an additional layer of login security to a user's
b b b b b b b b b b b b b b
AWS management console? (Select the best answer.) - answer-To add an additional
b b b b b b b b b b b b
layer of login security to a user's AWS Management Console, enable multi-factor
b b b b b b b b b b b b
authentication.
b
complete solutions
In the shared responsibility model, AWS is responsible for providing what? (Select the
b b b b b b b b b b b b
bbest answer.) - answer-In the shared responsibility model, AWS is responsible for
b b b b b b b b b b b
bproviding security of the cloud. b b b b
In the shared responsibility model, which two of the following are examples of "security
b b b b b b b b b b b b b
bin the cloud" (Choose two.) - answer-"Encryption of data at rest and data in transit" and
b b b b b b b b b b b b b b b
b"Security group configurations" are examples of security in the cloud.
b b b b b b b b b
Which of the following is the responsibility of AWS under the AWS shared responsibility
b b b b b b b b b b b b b
model? (Select the best answer.) - answer-Maintaining physical hardware is the
b b b b b b b b b b b
responsibility of AWS under the shared responsibility model.
b b b b b b b b
When creating an AWS Identity and Access Management (IAM) policy, what are the two
b b b b b b b b b b b b b
types of access that can be granted to a user? (Choose two.) - answer-When creating
b b b b b b b b b b b b b b b
an IAM policy, a user can be granted AWS management console access and
b b b b b b b b b b b b b
programmatic access.
b b
True or False? AWS Organizations enables you to consolidate multiple AWS accounts
b b b b b b b b b b b
so that you centrally manage them. - answer-When creating an IAM policy, a user can
b b b b b b b b b b b b b b b
be granted AWS Management Console access and programmatic access.
b b b b b b b b b
Which of the following are best practices to secure your account using AWS Identity and
b b b b b b b b b b b b b b
Access Management (IAM)? (Choose two.) - answer-Managing access to AWS
b b b b b b b b b b
resources and defining fine-grained access rights are best practices when securing
b b b b b b b b b b b
accounts with AWS IAM.
b b b b
Which of the following should be done by the AWS account root user. - answer-
b b b b b b b b b b b b b b
Changing the AWS support plan can only be done by the AWS account root user. The
b b b b b b b b b b b b b b b
other tasks are done with IAM.
b b b b b b
After initial login, what does AWS recommend as best practice for the AWS account
b b b b b b b b b b b b b
root user? (Select the best answer.) - answer-After initial login, AWS recommends
b b b b b b b b b b b b
deleting the access keys of the AWS account root user as the best practice.
b b b b b b b b b b b b b b
How would the system administrator add an additional layer of login security to a user's
b b b b b b b b b b b b b b
AWS management console? (Select the best answer.) - answer-To add an additional
b b b b b b b b b b b b
layer of login security to a user's AWS Management Console, enable multi-factor
b b b b b b b b b b b b
authentication.
b
