Practice - 5 Tasks
Answer the questions below
1fill in blank
easyComplete the code to specify the AWS service that helps control user access.
AWS
Use AWS [1] to manage user permissions securely. Drag options to blanks, or click blank then click option'
Attempts:
3 left
💡 Hint
Common Mistakes
Confusing IAM with EC2 or S3 services.
Choosing Lambda which is for running code, not managing access.
✗ Incorrect
IAM (Identity and Access Management) is the AWS service used to control user access and permissions.
2fill in blank
mediumComplete the code to specify the AWS feature that encrypts data at rest.
AWS
Enable [1] to protect stored data automatically. Drag options to blanks, or click blank then click option'
Attempts:
3 left
💡 Hint
Common Mistakes
Choosing CloudTrail which is for logging, not encryption.
Selecting CloudWatch which monitors resources.
✗ Incorrect
AWS KMS (Key Management Service) is used to manage encryption keys for data protection at rest.
3fill in blank
hardFix the error in the code to enable multi-factor authentication (MFA) for AWS users.
AWS
To increase security, enable [1] for user sign-in.
Drag options to blanks, or click blank then click option'
Attempts:
3 left
💡 Hint
Common Mistakes
Confusing MFA with VPN or firewall settings.
Choosing Single Sign-On which is for user convenience, not extra security.
✗ Incorrect
MFA adds an extra layer of security by requiring a second form of verification during sign-in.
4fill in blank
hardFill both blanks to complete the AWS security best practice for network protection.
AWS
Use [1] to control inbound and outbound traffic, and [2] to isolate resources within a virtual network.
Drag options to blanks, or click blank then click option'
Attempts:
3 left
💡 Hint
Common Mistakes
Mixing IAM Roles with network controls.
Confusing CloudTrail with traffic control.
✗ Incorrect
Security Groups act as virtual firewalls controlling traffic, and VPCs isolate resources in a private network.
5fill in blank
hardFill all three blanks to complete the AWS security principle for monitoring and auditing.
AWS
Enable [1] to record API calls, use [2] to monitor logs, and set up [3] to alert on suspicious activity.
Drag options to blanks, or click blank then click option'
Attempts:
3 left
💡 Hint
Common Mistakes
Confusing IAM with monitoring services.
Choosing services that do not send alerts.
✗ Incorrect
CloudTrail records API calls, CloudWatch monitors logs, and SNS sends alerts for security events.