AWS

AWS Interview Questions and Answer Part – 33

January 18, 2020 comments off

To take advantage of the greatest number of features available in Active Directory while having Amazon responsible for the management of the operating system and underlying hardware, you should choose:

  • LDAP
  • AD Redirector
  • Simple AD
  • Enterprise AD (Ans)
  • AD Connector

Which AWS Directory Services Offering does not store data in AWS but rather redirects all access to an on-premises Active Directory implementation?

  • Enterprise AD
  • AD Redirector
  • AD Connector (Ans)
  • LDAP
  • Simple AD

Which of the following is NOT an available effect?

  • Allow
  • Deny
  • Permit (Ans)

The root user credentials should be shared with all top-level administrators.

  • False (Ans)
  • True

The best way for administrators in one AWS account to backup administrators in another account (such as for vacation or sickness) is:

  • Create IAM users in each account for the administrators in the other account.
  • Share account names and passwords as needed.
  • Create roles in each account that can be assumed by administrators in the other account. (Ans)
  • Create a generic admin account for administrators in the other account to use.

Trusted advisor is designed to do which of the following:

  • Find unused IAM Groups
  • Reduce cost (Ans)
  • Report on compliance
  • Find IAM Users with excess permissions

To maximize the safety of data that has been backed up, you should:

  • Backup to two different S3 buckets in different regions.
  • Set permissions on the backup destination to forbid deleting content.
  • Use Lifecycle policies to manage backups and expire outdated ones.
  • Backup to a different account. (Ans)

Consolidated billing is used to:

  • Pay for all the charges in multiple AWS accounts. (Ans)
  • Report on the spending within an account.
  • Report on the spending across accounts.

Consolidated Billing can be used to secure volume discounts:

  • Within an account
  • Across multiple accounts (Ans)
  • Within a region

IAM roles are used when federating with users authenticated outside of AWS, such as Active Directory and Google.

  • True (Ans)
  • False

The Principle of Least Priviledge should be used to:

  • Create as few policies as possible
  • Grant users just enough permissions to do their jobs (Ans)
  • Grant as few policies as possible to users

If trusts are required between Active Directory domains hosted via AWS Directory Services, you must select:

  • AD Redirector
  • Enterprise AD (Ans)
  • ADConnector
  • Simple AD
  • LDAP

To utilize AWS Directory Services’ Enterprise AD offering, which VPC range must be excluded from those you can use:

  • 198.19.0.0/16 (Ans)
  • 10.255.0.0/16
  • 192.168.0.0/16
  • 172.16.0.0/16

Which of the following can occur if the root account is compromised?

  • None of these
  • Resources can be deleted
  • All of these (Ans)
  • Resorces can be created
  • Data can be stolen

An IAM user may have _ access keys maximum.

  • 5
  • 2 (Ans)
  • 1
  • unlimited
  • 3

IAM accounts can be used to enforce the principle of least privilege.

  • False
  • True (Ans)

Which of the following cannot be used to create an IAM policy?

  • Policy Creator (Ans)
  • Copying an AWS managed policy
  • Creating a policy in JSON
  • Policy Generator

Credential Report contains the following information:

  • Regions used by this IAM user
  • Access Key last used object
  • IAM user last used region
  • Access Key last used region (Ans)

Simple AD uses:

  • Samba (Ans)
  • Windows Active Directory
  • Novell eDirectory

Which of the following can have passwords assigned to them?

  • IAM Users (Ans)
  • IAM Groups
  • IAM Roles

Password policies can be set for which of the following?

  • All IAM users (all get the same policy applied) (Ans)
  • Each IAM user (individual settings for each user)
  • All IAM Groups (all get the same policy applied)
  • IAM Roles
  • Each IAM group (individual settings for each group)
Rajesh Kumar
Follow me
Latest posts by Rajesh Kumar (see all)