Chapter 5: Securing Your AWS Resources
- A. Identity and Access Management (IAM) is primarily focused on helping you control access to your AWS resources. KMS handles access keys. EC2 manages SSH key pairs. While IAM does touch on federated management, that’s not its primary purpose.
- A, B, D. Including a space or null character is not a password policy option.
- C, D. The root user should not be used for day-to-day admin tasks—even as part of an “admin” group. The goal is to protect root as much as possible.
- D. MFA requires at least two (“multi”) authentication methods. Those will normally include a password (something you know) and a token sent to either a virtual or physical MFA device (something you have).
- B. The -i argument should point to the name (and location) of the key stored on the local (client) machine. By default, the admin user on an Amazon Linux instance is named ec2-user.
- B. While assigning permissions and...