Quiz - Protect and Manage Resources
Copyright © 2020 ChandraMohan Lingam. All Rights Reserved.
To receive a copy of your response fill out your email.
Sign in to Google
to save your progress.
The case-study and quizzes are from the courses:
Part 1: AWS Certified Solutions Architect (and CD, SysOps) – 2020
2020 Practice Test AWS Solutions Architect Associate SAA-C01, C02
Which one of these options may not help in safeguarding data from an attacker who managed to gain read access to the bucket?
Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3)
Server-Side Encryption with Customer Master Keys (CMKs) Stored in AWS Key Management Service (SSE-KMS)
Server-Side Encryption with Customer-Provided Keys (SSE-C)
What additional policy statement could block the requests from an attacker?
An identity-based policy that grants access only if the tags match between the requester and the resource
A bucket policy that grants access only if the tags match between a requester and the resource
An identity-based policy that denies access if there is a mismatch in tag between the requester and the resource
A bucket policy that denies access if there is a mismatch in tag between a requester and the resource
An EC2 instance is configured to use only version 2 of instance metadata service (IMDS). What call is used for acquiring a token from IMDS?
Which of these tools may have blocked the attacker described in the case study?
AWS WAF with properly configured rules to blacklist suspicious requests
AWS WAF configured to observe the request in Count mode
AWS WAF configured to rate-limit based on the number of calls from a source
VPC Network ACL that blocks requests from the attacker IP address
EC2 Instance security group that blocks requests from the attacker IP Address
A copy of your responses will be emailed to the address you provided.
This content is neither created nor endorsed by Google.
Terms of Service