As a Security Administrator, you have hosted a website in Amazon S3, with the provision that users must access the website using an Amazon CloudFront distribution. The users are restricted from accessing the website directly using an Amazon S3 URL. What configuration combinations would satisfy these requirements? (Select two)
As a Security Administrator, you have hosted a website in Amazon S3, with the provision that users must access the website using an Amazon CloudFront distribution. The users are restricted from accessing the website directly using an Amazon S3 URL. What configuration combinations would satisfy these requirements? (Select two)
A corporation wishes to regulate access to its AWS resources by implementing identities and groups from its existing Microsoft Active Directory. What should the company establish in its AWS account to align AWS service permissions with Active Directory user attributes?
A corporation wishes to regulate access to its AWS resources by implementing identities and groups from its existing Microsoft Active Directory. What should the company establish in its AWS account to align AWS service permissions with Active Directory user attributes?
Your company's EC2 instances are governed by complex connectivity rules for ingress, egress, and inter-instance communication. These rules exceed the maximum limits of security groups and network access control lists (NACLs). How can you implement the required network rules without additional costs?
Your company's EC2 instances are governed by complex connectivity rules for ingress, egress, and inter-instance communication. These rules exceed the maximum limits of security groups and network access control lists (NACLs). How can you implement the required network rules without additional costs?
As an IAM user, you have full EC2 permissions. However, you have recently encountered an issue where you could not start an Amazon EC2 instance after it was stopped for maintenance. During the startup process, the instance state briefly changes to 'Pending', then reverts back to 'Stopped'. On investigation, you notice the instance has Amazon EBS volumes attached that were encrypted using a Customer Master Key (CMK). When these encrypted volumes were detached, you were able to start the EC2 instances. The IAM policy is as follows:
As an IAM user, you have full EC2 permissions. However, you have recently encountered an issue where you could not start an Amazon EC2 instance after it was stopped for maintenance. During the startup process, the instance state briefly changes to 'Pending', then reverts back to 'Stopped'. On investigation, you notice the instance has Amazon EBS volumes attached that were encrypted using a Customer Master Key (CMK). When these encrypted volumes were detached, you were able to start the EC2 instances. The IAM policy is as follows:
Imagine a scenario where a Security Architect has created an Amazon CloudWatch event that triggers a Lambda function on a daily schedule. The Lambda function executes an Amazon Athena query that scrutinizes AWS CloudTrail logs stored in an Amazon S3 bucket, searching for any newly created IAM user accounts or credentials within the past month. The results obtained from the Athena query are then stored back into the same S3 bucket. When the Lambda function is tested through the AWS Console, it works fine. However, after several minutes, the Architect observes that the Athena query failed due to 'Insufficient Permissions'. Given the IAM permissions of the Security Architect and the Lambda function provided below, can you identify the cause of the problem?
Imagine a scenario where a Security Architect has created an Amazon CloudWatch event that triggers a Lambda function on a daily schedule. The Lambda function executes an Amazon Athena query that scrutinizes AWS CloudTrail logs stored in an Amazon S3 bucket, searching for any newly created IAM user accounts or credentials within the past month. The results obtained from the Athena query are then stored back into the same S3 bucket. When the Lambda function is tested through the AWS Console, it works fine. However, after several minutes, the Architect observes that the Athena query failed due to 'Insufficient Permissions'. Given the IAM permissions of the Security Architect and the Lambda function provided below, can you identify the cause of the problem?
A corporation has hired an external auditor to perform an audit on multiple AWS accounts. Cross-account IAM roles were established in each account for this audit. However, the auditor is encountering difficulties accessing some of the accounts. What could be the potential reasons behind this issue? (Select three.)
A corporation has hired an external auditor to perform an audit on multiple AWS accounts. Cross-account IAM roles were established in each account for this audit. However, the auditor is encountering difficulties accessing some of the accounts. What could be the potential reasons behind this issue? (Select three.)
In a security incident, your company's Incident Response team needs to be able to audit changes made to a user's IAM permissions. Which AWS service would allow you to achieve this?
In a security incident, your company's Incident Response team needs to be able to audit changes made to a user's IAM permissions. Which AWS service would allow you to achieve this?