Bash, the Crucial Exams Chat Bot
AI Bot
IAM and Security Management Flashcards
AWS Certified CloudOps Engineer Associate SOA-C03 Flashcards
| Front | Back |
| What does a Deny statement in an IAM policy do | Explicitly prevents users from performing specified actions |
| What does IAM stand for | Identity and Access Management |
| What does the term "key rotation" refer to | The process of periodically changing cryptographic keys to maintain security |
| What is a Security Incident Response Plan | A documented strategy to manage and recover from security breaches |
| What is an IAM policy | A JSON document that defines permissions for users, groups, or roles in IAM |
| What is Multi-Factor Authentication (MFA) | An authentication method that requires multiple forms of verification to prove identity |
| What is the difference between an IAM User and an IAM Role | Users are identities for individuals, while Roles are temporary identities for tasks or applications |
| What is the function of IAM service-linked roles | To allow cloud services to manage resources on behalf of users securely |
| What is the main purpose of access keys | To allow programmatic access to cloud services for users and applications |
| What is the principle of least privilege | Granting users only the permissions they need to perform their job functions |
| What is the purpose of a WAF (Web Application Firewall) | To protect applications from common web threats like SQL injection and XSS |
| What is the purpose of an audit trail in security management | To track and log access and activity for detecting unauthorized actions |
| What is the purpose of cloud resource tagging in security management | To organize and track access policies and resource ownership |
| What is the shared responsibility model in cloud security | A model where cloud providers manage the infrastructure security while customers handle data and application security |
| What should you do with unused IAM User accounts | Disable or delete them to reduce the attack surface |
| What should you monitor to ensure IAM security | Logins, permission changes, and usage of elevated privileges |
| What type of access is granted by default in IAM | Deny, unless explicitly allowed |
| Why is least privilege considered a best practice | It reduces the risk of malicious or accidental misuse of permissions |
| Why is role-based access control (RBAC) important | It simplifies access management by assigning permissions to roles rather than individuals |
| Why should you rotate access keys regularly | To minimize the risk of key compromise |
This deck focuses on Identity and Access Management (IAM), security best practices, and incident response procedures tailored for CloudOps Engineers.