Quiz: Module 02: Identity and Access Management (IAM) and Security
Test your understanding of the concepts covered in this module.
7 questions
- 1
What is the difference between authentication and authorization in AWS IAM?
- 3
Which of the following is a characteristic of an AWS managed policy? (Select TWO.)Select multiple
- 4
In an IAM JSON policy document, which element specifies whether the statement allows or denies access?
- 5
An IAM policy explicitly allows `s3:GetObject` on all S3 resources. A second IAM policy explicitly denies `s3:*` on all S3 resources. Both policies are attached to the same user. What happens when the user attempts to call `s3:GetObject`?
- 6
How does an IAM role differ from an IAM user?
- 9
Which of the following best describes the purpose of a service role in IAM?
- 10
A company uses AWS Organizations to manage multiple AWS accounts. The security team attaches an SCP to the Production organizational unit (OU) that denies `s3:DeleteBucket`. An IAM administrator in a member account under that OU has the `AdministratorAccess` managed policy attached. Can the administrator delete an S3 bucket in that member account?