AWS Certified Developer - Associate Questions and Answers (Dumps and Practice Questions)

Question : Which of the below mentioned options is not a best practice to securely manage the AWS access credentials?

1. Create strong access key and secret access key and attach to the root account
2. Keep rotating your secure access credentials at regular intervals
3. Access Mostly Uused Products by 50000+ Subscribers
4. If you have the root account keys, delete them

Correct Answer : Get Lastest Questions and Answer :
Explanation: Lock away your AWS account (root) access keys

You use an access key (an access key ID and secret access key) to make programmatic requests to AWS. However, do not use your AWS account (root) access key. The access key for your AWS account gives full access to all your resources for all AWS services, including your billing information. You cannot restrict the permissions associated with your AWS account access key. Therefore, protect your AWS account access key like you would your credit card numbers or any other sensitive secret. Here are some ways to do that:

If you don't already have an access key for your AWS account, don't create one unless you absolutely need to. Instead, use your account email address and password to sign in to the AWS Management Console and create an IAM user for yourself that has administrative privileges, as explained in the next section.

If you do have an access key for your AWS account, delete it. If you must keep it, rotate (change) the access key regularly. To delete or rotate your AWS account access keys, go to the Security Credentials page in the AWS Management Console and sign in with your account's email address and password. You can manage your access keys in the Access Keys section.
Never share your AWS account password or access keys with anyone. The remaining sections of this document discuss various ways to avoid having to share your account credentials with other users and to avoid having to embed them in an application.
Use a strong password to help protect account-level access to the AWS Management Console. For information about managing your AWS account password, see Changing Your AWS Account Password.
Enable AWS multifactor authentication (MFA) on your AWS account. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS.

Create individual IAM users : Don't use your AWS root account credentials to access AWS, and don't give your credentials to anyone else. Instead, create individual users for anyone who needs access to your AWS account. Create an IAM user for yourself as well, give that user administrative privileges, and use that IAM user for all your work. For information about how to do this, see Creating an Administrators Group Using the Console.By creating individual IAM users for people accessing your account, you can give each IAM user a unique set of security credentials. You can also grant different permissions to each IAM user. If necessary, you can change or revoke an IAM user's permissions any time. (If you give out your AWS root credentials, it can be difficult to revoke them, and it is impossible to restrict their permissions.)
Note : Before you set permissions for individual IAM users, though, see the next point about groups.It is a recommended approach to avoid using the access and secret access keys of the root account. Thus, do not download or delete it. Instead make the IAM user as powerful as the root account and use its credentials. The user cannot generate their own access and secret access keys as they are always generated by AWS.

Question : A root account owner is trying to setup an additional level of security for all his IAM users.
Which of the below mentioned options is a recommended solution for the account owner?

1. Enable MFA for all IAM users
2. Enable MFA for the root account
3. Access Mostly Uused Products by 50000+ Subscribers
4. Enable access key and secret access key for all the IAM users

Correct Answer : Get Lastest Questions and Answer :

Explanation: For increased security, we recommend that you protect your AWS resources by configuring AWS multi-factor authentication (MFA). MFA adds extra security by requiring users to enter a unique authentication code from their authentication device when accessing AWS websites or services.

For MFA to work, you must assign an MFA device (hardware or virtual) to the IAM user or root account. The MFA device must be unique for each user; a user cannot enter a code from another user's device to authenticate. This section shows you how to set up and enable a new MFA device, as well as how to synchronize and deactivate existing devices, and what to do when a device is lost or stops working. Multi-Factor Authentication adds an extra level of security for all the users. The user can enable MFA for all IAM users which ensures that each user has to provide an extra six digit code for authentication.

Question : HadoopExam Learning Resources is planing to use RDS as a managed DB platform (Which is used as a backend database for www.HadoopExam.com).
Which of the below mentioned features is not supported by RDS?

1. Automated software patching
2. Automated failure detection and recovery
3. Access Mostly Uused Products by 50000+ Subscribers
4. Automated backup

Correct Answer : Get Lastest Questions and Answer :

Explanation: AWS RDS provides a managed DB platform, which offers features, such as automated backup, patch management, automated failure detection and recovery. The scaling is not automated and the user needs to plan it with a few clicks. Amazon Relational Database Service (Amazon RDS) is a web service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizeable capacity for an industry-standard relational database and manages common database administration tasks.

Why would you want a managed relational database service? Because Amazon RDS takes over many of the difficult or tedious management tasks of a relational database.

When you buy a server, you get CPU, memory, storage, and IOPS, all bundled together. With Amazon RDS, these are split apart so that you can scale them independently. So, for example, if you need more CPU, less IOPS, or more storage, you can easily allocate them.

Amazon RDS manages backups, software patching, automatic failure detection, and recovery.

In order to deliver a managed service experience, Amazon RDS does not provide shell access to DB instances, and it restricts access to certain system procedures and tables that require advanced privileges.

You can have automated backups performed when you need them, or create your own backup snapshot. These backups can be used to restore a database, and the Amazon RDS restore process works reliably and efficiently.

You can get high availability with a primary instance and a synchronous secondary instance that you can failover to when problems occur. You can also use MySQL or PostgreSQL Read Replicas to increase read scaling.

You can use the database products you are already familiar with: MySQL, PostgreSQL, Oracle, Microsoft SQL Server, and the new, MySQL-compatible Amazon Aurora DB engine (for information, see Aurora on Amazon RDS).

In addition to the security in your database package, you can help control who can access your RDS databases by using AWS IAM to define users and permissions. You can also help protect your databases by putting them in a virtual private cloud.

AWS Certified Developer - Associate Questions and Answers (Dumps and Practice Questions)

Related Questions