AWS Certified Solutions Architect - Chap 3 Questions
Chapters 3 - Identity Access Management (IAM)
- What is the difference between a group and a role?
A group allows you to add users to a group, where as a role allows you to add both users and AWS resources.
- Power User Access allows....
Access to all AWS services except for management of groups and users within IAM.
- EC2 instances can have credentials stored on them so that the instances can access other resources (such as S3 buckets) and AWS recommends that you do this instead of assigning roles.
False
- When using active directory to authenticate to AWS what are the correct steps performed?
1) The user navigates to ADFS webserver2) The user enter in their single sign on credentials3) The user's web browser receives a SAML assertion from the AD server4) The user's browser then posts the SAML assertion to the AWS SAML end point for SAML and the AssumeRoleWithSAML API request is used to request temporary security credentials.
5) The user is then able to access the AWS Console.
- SAML stands for Security Assertion Markup Language.
True
- Which is NOT a feature of IAM?
Allows you to setup biometric authentication, so that no passwords are required.
A group allows you to add users to a group, where as a role allows you to add both users and AWS resources.
Access to all AWS services except for management of groups and users within IAM.
False
1) The user navigates to ADFS webserver2) The user enter in their single sign on credentials3) The user's web browser receives a SAML assertion from the AD server4) The user's browser then posts the SAML assertion to the AWS SAML end point for SAML and the AssumeRoleWithSAML API request is used to request temporary security credentials.
5) The user is then able to access the AWS Console.
True
Allows you to setup biometric authentication, so that no passwords are required.
Comments
Post a Comment