What does the principle of least privilege ensure in cloud IAM?
Response:
A. Users have access to all services within their organization
B. Users cannot access any services without admin approval
C. Users have full access to all services
D. Users only have the minimum necessary permissions to perform their tasks
正解:D
質問 2:
What is the main purpose of cloud application firewalls?
Response:
A. To control access to virtual machines
B. To reduce data redundancy
C. To block malicious traffic and prevent web-based attacks
D. To improve data storage efficiency
正解:C
質問 3:
Which best practices should be followed for securing long-term cloud credentials?
(Choose two)
Response:
A. Use multi-factor authentication for accessing credentials
B. Disable encryption for easier access
C. Share credentials with all team members
D. Store credentials in encrypted form
正解:A,D
質問 4:
Which tool is commonly used to assess the security compliance of cloud environments?
Response:
A. AWS Config
B. AWS Lambda
C. AWS S3
D. AWS EC2
正解:A
質問 5:
Your company has recently experienced unauthorized access to sensitive cloud resources. Upon investigation, it was discovered that several user accounts had access to services they did not require, and multi-factor authentication (MFA) was not enforced. What actions should you take to improve IAM security and prevent further unauthorized access?
(Choose three)
Response:
A. Remove all access controls to simplify the IAM setup
B. Enforce multi-factor authentication (MFA) for all users
C. Create detailed IAM policies to control access based on job roles
D. Implement the principle of least privilege for all user accounts
E. Disable logging for IAM events to improve performance
正解:B,C,D
質問 6:
What are best practices for securing encryption keys in cloud environments?
(Choose two)
Response:
A. Share encryption keys with all users for easy access
B. Store keys in the same location as encrypted data
C. Use a hardware security module (HSM) to manage keys
D. Rotate encryption keys periodically
正解:C,D
質問 7:
Which AWS service provides automated encryption of EBS volumes to enhance data protection?
Response:
A. AWS KMS
B. AWS S3
C. AWS EC2
D. AWS IAM
正解:A
1290 お客様のコメント





相沢** -
GPCS資格は取得することができました。
よい参考書です。