AWS Academy Cloud Foundation Module 4 Quiz Answers 2025| AWS Cloud Security

In this Post we discuss about the AWS Cloud Security module answers. The key considerations and best practices that can help safeguard your valuable data and resources in the AWS environment. Whether you are a small business owner or an IT professional looking to enhance your understanding of AWS security, this post aims to equip you with foundational knowledge and actionable insights to bolster your cloud security posture.

Click Here For:  Module 3 Quiz Answers

AWS Cloud Security 

Q1. What is the AWS Shared Security Model?

Answer: 

AWS is responsible for protecting the infrastructure that runs all the services that are offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run the AWS Cloud services. "Security of the cloud"

The customer is responsible for the encryption of data at rest and data in transit. The customer should also ensure that the network is configured for security and that security credentials and logins are managed safely. "Security in the cloud"

Based on the question select the answer, If the question asks like this, 

• In the shared responsibility model, AWS is responsible for providing what ?  

The answer for this question will be Security of the cloud. 

Q2. In the shared responsibility model, which of the following are examples of

       " Security in the cloud" ? 

A. Compliance with compute security standards and regulations. 

B. Physical security of the facilities in which the service operates. 

C. Security group configurations. 

D. Encryption of the data at rest and data in transit. 

E. Protecting the global infrastructure. 

Answer: 

 [ C ] , [ D ]  

 Q3. Which of the following is the responsibility of AWS under the AWS shared responsibility 

        model? (Select the best answer).

A. Configuring third party applications.

B. Maintaining physical hardware.

C. Security application access and data.

D. Managing custom Amazon machine images (AMI's).

Answer: 
                Maintaining physical hardware.

Q4. When creating an AWS Identity and Access Management (IAM) policy, what are the two 

      types of access that can be granted to a user? (Choose two).

A. Institutuional Access.

B. Authorized Access.

C. Programmatic Access.

D. AWS Management Console Access.

E. Administrative Root Access.

Answer: 

Programmatic Access.

AWS Management Console Access.

Q5. True or false? AWS organizations enables you to consolidate multiple aws accounts so that 

       you centrally manage them.

           True.

           False.

Answer: 
                   True.

Q6. Which of the following are best practices to secure your account using aws identity and 

         access management? (Choose 2).

A. Provide users with default administrative privileges.

B. Leave unused and unnecessary users and credentials in place.

C. Manage access to AWS resources.

D. Avoid using IAM groups to grant the same access permissions to multiple users.

E. Define fine-grained access rights.

Answer: 

Manage access to AWS resources.

Define fine-grained access rights.

Q7. Which of the following should be done by the AWS account root user? 

       (Select the best answer).

A. Secure access for applications.

B. Integrate with other AWS services.

C. Change granular permissions.

D. Change the AWS support plan.

Answer: 

Change the AWS support plan.

Q8. After initial login, what does AWS recommend as the best practice for the AWS account 

       root user?

A. Delete the AWS account root user.

B. Revoke all permissions on the AWS account root user.

C. Restrict permission on the AWS account root user.

D. Delete the access keys of the AWS account root user.

Answer: 

Delete the access keys of the AWS account root user.

Q9. How would a system administrator add an additional layer of login security to a user's 

       AWS management console?

A. Use Amazon Cloud Directory.

B. Audit AWS Identity and Access Management (IAM) roles.

C. Enable multi-factor authentication.

D. Enable AWS CloudTrail.

Answer: 

Enable multi-factor authentication.

Q10. True or false? AWS key management service (AWS KMS) enables you to assess, audit, 

         and evaluate the configurations of your AWS resources.

             True.

             False.

Answer: 

                    False.

Click Here For:  Module 5 Quiz Answers

Conclusion: 

By familiarizing yourself with the fundamental aspects of AWS cloud security, you can proactively address potential vulnerabilities and ensure a robust security posture for your organization's cloud infrastructure. Stay tuned for our upcoming posts, where we will delve deeper into specific security topics and provide practical tips to further enhance your AWS cloud security strategy.