AWS AWS Identity & Access Management

Question 1

Which type of IAM policy is attached directly to an AWS resource, such as an S3 bucket, rather than to an IAM identity?

Accepted Answer

Resource-based Policy

Answer

Managed Policy

Answer

Inline Policy

Answer

Permission Boundary

Question 2

Which AWS service provides centralized single sign-on access to multiple AWS accounts and business applications?

Accepted Answer

AWS IAM Identity Center

Answer

AWS IAM

Answer

Amazon Cognito

Answer

AWS Directory Service

Question 3

What happens when an IAM policy evaluation encounters both an explicit Allow and an explicit Deny for the same action?

Accepted Answer

Deny wins

Answer

Allow wins

Answer

The most recent policy wins

Answer

An error is returned

Question 4

Which IAM feature allows an EC2 instance to make AWS API calls without embedding long-term credentials in the instance?

Accepted Answer

Instance Profile

Answer

IAM User access keys

Answer

Service Control Policy

Answer

Permission Boundary

Question 5

Which IAM policy type defines the maximum permissions available to IAM entities within an AWS Organizations member account?

Accepted Answer

Service Control Policy

Answer

Permission Boundary

Answer

Resource-based Policy

Answer

Session Policy

Question 6

What IAM feature restricts the maximum permissions an IAM entity can grant, even if more permissive policies are attached?

Accepted Answer

Permission Boundary

Answer

Service Control Policy

Answer

Inline Policy

Answer

Trust Policy