Q1. What is a proper definition of IAM Roles?

Ans.An IAM entity that defines a set of permissions for making AWS service requests, that will be used by AWS services (Some AWS service will need to perform actions on your behalf. To do so, you assign permissions to AWS services with IAM Roles.)

Q2. Which of the following is an IAM Security Tool?

Ans.IAM Credentials Report (IAM Credentials report lists all your account’s users and the status of their various credentials. The other IAM Security Tool is IAM Access Advisor. It shows the service permissions granted to a user and when those services were last accessed.)

Q3. Which answer is INCORRECT regarding IAM Users?

IAM Users access AWS with the root account credentials (IAM Users access AWS using a username and a password.)

Q4. Which of the following is an IAM best practice?

Ans.Don’t use the root user account (You only want to use the root account to create your first IAM user, and for a few account and service management tasks. For every day and administration tasks, use an IAM user with permissions.)

Q5. What are IAM Policies?

Ans.JSON documents to define Users, Groups or Roles’ permissions (An IAM policy is an entity that, when attached to an identity or resource, defines their permissions.)

Q6. Under the shared responsibility model, what is the customer responsible for in IAM?

Ans.Assigning users proper IAM Policies (Customers are responsible for defining and using IAM policies.)

Q.7 Which principle should you apply regarding IAM Permissions?

Ans.Grant least privilege (That’s right! Don’t give more permissions than the user needs.)

Q8. What should you do to increase your root account security?

Ans.Enable Multi-Factor Authentication (MFA) (You want to enable MFA in order to add a layer of security, so even if your password is stolen, lost or hacked your account is not compromised.)