9. Security, Identity and Compliance

Question 1

What does AWS stand for?

Answer 1

Amazon Web Services

Question 2

True or False: AWS provides a shared responsibility model for security.

Answer 2

True

Question 3

What is the primary purpose of AWS Identity and Access Management (IAM)?

Answer 3

To manage access to AWS services and resources securely.

Question 4

Fill in the blank: IAM policies are written in __________.

Answer 4

JSON

Question 5

What service can be used to manage user access to AWS resources?

Answer 5

AWS IAM

Question 6

Which AWS service allows you to define user roles and permissions?

Answer 6

AWS IAM

Question 7

What is an IAM role?

Answer 7

An IAM role is an AWS identity with specific permissions that can be assumed by trusted entities.

Question 8

True or False: AWS Organizations allows you to manage multiple AWS accounts.

Answer 8

True

Question 9

What is the purpose of AWS CloudTrail?

Answer 9

To enable governance, compliance, and operational and risk auditing of your AWS account.

Question 10

What does MFA stand for in the context of AWS security?

Answer 10

Multi-Factor Authentication

Question 11

What is the use of AWS Key Management Service (KMS)?

Answer 11

To create and control cryptographic keys for your applications and services.

Question 12

Which AWS service provides a centralized way to manage and audit access to AWS resources?

Answer 12

AWS IAM

Question 13

What is the difference between an IAM user and an IAM role?

Answer 13

An IAM user is a permanent identity with long-term credentials, while an IAM role is a temporary identity with specific permissions.

Question 14

Which AWS service can be used to encrypt data at rest?

Answer 14

AWS KMS

Question 15

True or False: Security groups act as a firewall for your Amazon EC2 instances.

Answer 15

True

Question 16

What is a VPC in AWS?

Answer 16

A Virtual Private Cloud that enables you to launch AWS resources in a virtual network.

Question 17

What does the AWS Well-Architected Framework include?

Answer 17

Best practices for building secure, high-performing, resilient, and efficient infrastructure for applications.

Question 18

Fill in the blank: AWS provides __________ to help you monitor your applications and resources.

Answer 18

CloudWatch

Question 19

What is the purpose of AWS Config?

Answer 19

To provide AWS resource inventory, configuration history, and configuration change notifications.

Question 20

True or False: AWS Shield provides DDoS protection.

Answer 20

True

Question 21

Which AWS service helps you manage compliance with security standards?

Answer 21

AWS Artifact

Question 22

What is the main function of Amazon GuardDuty?

Answer 22

To provide intelligent threat detection and continuous monitoring for malicious activity.

Question 23

What is the purpose of AWS Secrets Manager?

Answer 23

To protect access to your applications, services, and IT resources without the upfront investment and on-going maintenance costs of operating your own infrastructure.

Question 24

Fill in the blank: __________ is the service that allows you to set up a firewall to control access to your AWS resources.

Answer 24

AWS WAF

Question 25

True or False: IAM policies can be attached to users, groups, and roles.

Answer 25

True

Question 26

What does AWS Security Hub do?

Answer 26

It provides a comprehensive view of your high-priority security alerts and compliance status across AWS accounts.

Question 27

What is a common best practice for managing AWS IAM credentials?

Answer 27

Rotate IAM credentials regularly.

Question 28

What type of authentication does AWS Cognito provide?

Answer 28

User authentication and access control for applications.

Question 29

Fill in the blank: AWS __________ allows you to build applications that require authentication and authorization.

Answer 29

Cognito

Question 30

True or False: You can use IAM roles to grant permissions to AWS services to access other AWS resources.

Answer 30

True

Question 31

What is the main benefit of using an AWS VPN?

Answer 31

To securely connect your on-premises network to an AWS VPC.

Question 32

Which AWS service provides a way to monitor and respond to security incidents?

Answer 32

AWS Security Hub

Question 33

Fill in the blank: __________ is used to manage and rotate database credentials.

Answer 33

AWS Secrets Manager

Question 34

What is the main purpose of AWS Artifact?

Answer 34

To provide access to AWS's compliance documentation.

Question 35

What does the principle of least privilege mean?

Answer 35

Users should only have the permissions necessary to perform their job functions.

Question 36

True or False: Data in transit can be encrypted using AWS services.

Answer 36

True

Question 37

What is the purpose of AWS CloudFormation in the context of security?

Answer 37

To automate the deployment of AWS resources with predefined security configurations.

Question 38

Fill in the blank: __________ is used to create and manage user permissions for AWS resources.

Answer 38

AWS IAM

Question 39

What security feature does Amazon S3 offer to control access to buckets?

Answer 39

Bucket policies and access control lists (ACLs).

Question 40

What is AWS Inspector used for?

Answer 40

To assess the security and compliance of applications deployed on AWS.

Question 41

True or False: AWS provides automatic backups for all services.

Answer 41

False

Question 42

What is a security group in AWS?

Answer 42

A virtual firewall that controls inbound and outbound traffic for AWS resources.

Question 43

Fill in the blank: AWS __________ provides a scalable and secure way to store and retrieve any amount of data.

Answer 43

S3

Question 44

What is the purpose of AWS CloudTrail?

Answer 44

To log, continuously monitor, and retain account activity related to actions across your AWS infrastructure.

Question 45

What type of encryption does AWS S3 support?

Answer 45

Server-side and client-side encryption.

Question 46

True or False: AWS accounts can be linked together for consolidated billing.

Answer 46

True

Question 47

What is the function of AWS Lambda in terms of security?

Answer 47

To run code in response to events without provisioning or managing servers.

Question 48

Fill in the blank: __________ allows you to set up rules to block malicious web traffic.

Answer 48

AWS WAF

Question 49

What does the term 'data sovereignty' refer to?

Answer 49

The concept that data is subject to the laws and governance structures within the nation it is collected.

Question 50

What is the role of AWS Organizations in security?

Answer 50

To manage multiple AWS accounts and apply security policies across them.

Question 51

What is the purpose of AWS Control Tower?

Answer 51

To set up and govern a secure, multi-account AWS environment based on best practices.

Question 52

True or False: AWS allows you to set up custom security policies for IAM users.

Answer 52

True

Question 53

What is a bastion host?

Answer 53

A special-purpose instance that acts as a gateway to access instances in a private subnet.

Question 54

Fill in the blank: AWS __________ provides tools for managing security compliance at scale.

Answer 54

Security Hub

Question 55

What is the purpose of AWS Resource Access Manager?

Answer 55

To share AWS resources across accounts securely.

Question 56

True or False: AWS services are designed to be compliant with various industry standards.

Answer 56

True

Question 57

What is the function of Amazon Macie?

Answer 57

To discover and protect sensitive data stored in AWS.

Question 58

Fill in the blank: AWS __________ provides an integrated view of security alerts and compliance status.

Answer 58

Security Hub

Question 59

What is the primary benefit of using AWS encryption services?

Answer 59

To protect sensitive data both at rest and in transit.

Question 60

What is the role of AWS Trusted Advisor?

Answer 60

To provide real-time guidance to help you provision your resources following AWS best practices.

Question 61

True or False: AWS services can be configured to automatically respond to security incidents.

Answer 61

True

Question 62

What is AWS Systems Manager used for?

Answer 62

To manage and automate operational tasks across AWS resources.

Question 63

Fill in the blank: __________ is a service that provides a unified view of security and compliance across AWS accounts.

Answer 63

AWS Security Hub

Question 64

What is the purpose of the AWS Well-Architected Tool?

Answer 64

To help you review the state of your workloads and compare them to AWS best practices.

Question 65

What does the AWS Compliance Program focus on?

Answer 65

Ensuring AWS services meet various regulatory and compliance standards.

Question 66

True or False: AWS provides a free tier for many of its security services.

Answer 66

True

Question 67

What is the function of Amazon Inspector?

Answer 67

To perform automated security assessments of applications deployed on AWS.

Question 68

Fill in the blank: AWS __________ provides a way to audit and monitor AWS account activity.

Answer 68

CloudTrail

Question 69

What is the purpose of AWS Config Rules?

Answer 69

To evaluate the configurations of your AWS resources against desired configurations.

Question 70

What does the term 'principle of least privilege' mean in AWS?

Answer 70

Users should have only the permissions necessary to perform their job functions.

Question 71

True or False: AWS allows you to set up alerts for security incidents.

Answer 71

True

Question 72

What is the purpose of AWS SSO?

Answer 72

To provide a centralized way to manage access to multiple AWS accounts.

Question 73

Fill in the blank: AWS __________ provides tools to help manage your security posture.

Answer 73

Security Hub