IAM (Identity and Access Management)

1.Scenario:
A company has multiple development teams, each working on different AWS projects. They need to
ensure that each team can manage its resources independently. What IAM feature should be used to
achieve this?

Question:
How can you enable multiple development teams to manage their AWS resources independently while
maintaining security?

a. IAM Roles
b. IAM Policies
c. IAM Users
d. IAM Groups

2.Scenario:
An organization wants to grant external partners temporary access to specific AWS resources. Which IAM
feature would be the most secure and scalable solution for this requirement?

Question:
What is the recommended IAM feature to grant temporary access to external partners for specific AWS
resources?

a. IAM Users
b. IAM Policies
c. IAM Roles with Temporary Credentials
d. IAM Groups with Time-Limited Permissions

3.Scenario:
A company is planning to migrate its on-premises applications to AWS. They want to ensure a seamless
transition without compromising security. What IAM feature should be utilized during this migration?

Question:
What IAM best practice should be followed to ensure a secure migration of on-premises applications to
AWS?

a. IAM Users with Access Keys

Prepared by :
Safayat Hosen Mishu
A cloud technology enthusiast
Email: [email protected]
4.Scenario:
A business-critical application requires access to AWS services without storing long-term credentials.
What IAM feature provides temporary security credentials for applications running on Amazon EC2
instances?

Question:
How can you securely provide temporary security credentials for applications running on Amazon EC2
instances accessing AWS services?

a. IAM Policies
b. IAM Users with Access Keys
c. IAM Roles for EC2 Instances
d. IAM Groups with Cross-Account Access

5.Scenario:
An organization wants to implement fine-grained access control for S3 buckets based on user roles. What
IAM component should be used to define and manage these access control policies?

Question:
For fine-grained access control of S3 buckets based on user roles, which IAM component should be
used?

a. IAM Users
b. IAM Roles
c. IAM Policies
d. IAM Groups

6.Scenario:
A company is concerned about unauthorized changes to IAM policies. What IAM feature can help track
and review changes to policies?

Question:
How can you track and review changes made to IAM policies for improved security and auditing?

a. AWS CloudTrail
b. AWS Config
c. AWS IAM Inspector
d. AWS Identity Monitor

Prepared by :
Safayat Hosen Mishu
A cloud technology enthusiast
Email: [email protected]
7.Scenario:
An organization is dealing with a large number of IAM users, and they want to simplify user management
by assigning permissions to groups. What IAM feature allows for this simplified management approach?

Question:
To simplify user management and assign permissions to multiple users at once, which IAM feature
should be used?

a. IAM Policies
b. IAM Roles
c. IAM Users
d. IAM Groups

8.Scenario:
A company needs to provide temporary access to AWS resources for a third-party application. What IAM
mechanism allows the secure delegation of permissions without sharing access keys?

Question:
When providing temporary access to AWS resources for a third-party application, what IAM mechanism
should be used to avoid sharing access keys?

a. IAM Policies
b. IAM Roles
c. IAM Users
d. IAM Trust Relationships

9.Scenario:
An organization is using AWS Organizations to manage multiple AWS accounts. What IAM feature allows
cross-account access and resource sharing?

Question:
To enable cross-account access and resource sharing within AWS Organizations, which IAM feature
should be utilized?

a. IAM Policies
b. IAM Roles
c. IAM Users
d. IAM Trusts

Prepared by :
Safayat Hosen Mishu
A cloud technology enthusiast
Email: [email protected]
10.Scenario:
A company wants to restrict access to certain AWS resources based on the source IP address. What IAM
feature should be used to enforce this security measure?

Question:
To restrict access to specific AWS resources based on source IP address, which IAM feature should be
implemented?

a. IAM Policies
b. IAM Roles
c. IAM Users with MFA
d. IAM Conditions

11.Scenario:
A large organization has multiple AWS accounts for different departments. They want to centralize user
authentication to a single AWS account. What IAM feature supports this centralized authentication?

Question:
For a large organization with multiple AWS accounts, what IAM feature allows centralizing user
authentication to a single AWS account?

a. IAM Policies
b. IAM Roles
c. IAM Users
d. IAM Federation

12.Scenario:
A company has a requirement to rotate access keys regularly to enhance security. What IAM best practice
should be followed to automate the access key rotation process?

Question:
How can you automate the rotation of AWS IAM access keys to enhance security?

a. Use AWS Lambda with CloudWatch Events

Prepared by :
Safayat Hosen Mishu
A cloud technology enthusiast
Email: [email protected]
13.Scenario:
An organization is deploying an application that requires AWS resources to interact with each other
securely. What IAM feature facilitates secure communication between AWS resources?

Question:
What IAM feature facilitates secure communication between AWS resources within an application?

a. IAM Policies
b. IAM Roles
c. IAM Users
d. IAM Trust Relationships

14.Scenario:
A company wants to grant temporary access to their AWS environment for external consultants. What
IAM feature provides a secure way to grant temporary permissions without creating new IAM users?

Question:
How can you securely grant temporary access to AWS resources for external consultants without creating
new IAM users?

a. IAM Policies
b. IAM Roles
c. IAM Users with Limited Permissions
d. IAM Groups with External Trusts

15.Scenario:
A company is implementing a least privilege access strategy and wants to minimize the number of IAM
permissions granted to users. What IAM feature allows for fine-grained control over permissions?

Question:
To implement a least privilege access strategy and minimize the number of IAM permissions granted to
users, which IAM feature should be used?

a. IAM Policies
b. IAM Roles
c. IAM Users
d. IAM Conditions

Prepared by :
Safayat Hosen Mishu
A cloud technology enthusiast
Email: [email protected]
16.Scenario:
An organization is creating a disaster recovery plan for their AWS environment. What IAM best practice
should be followed to ensure the plan's success?

Question:
When creating a disaster recovery plan for an AWS environment, what IAM best practice should be
followed?

a. Regularly update IAM Policies

17.Scenario:
A company wants to enforce password policies for IAM users to enhance security. What IAM feature
allows for the implementation of password policies?

Question:
To enforce password policies for IAM users and enhance security, which IAM feature should be used?

a. IAM Policies
b. IAM Roles
c. IAM Users
d. IAM Password Policies

18.Scenario:
An organization is using AWS Directory Service for Microsoft Active Directory integration. What IAM
feature enables users to sign in to the AWS Management Console using their AD credentials?

Question:
In an AWS environment integrated with AWS Directory Service for Microsoft Active Directory, what IAM
feature enables users to sign in to the AWS Management Console using their AD credentials?

a. IAM Policies
b. IAM Roles
c. IAM Users
d. IAM Federation

Prepared by :
Safayat Hosen Mishu
A cloud technology enthusiast
Email: [email protected]
19.Scenario:
A company is deploying an application with different components running on EC2 instances. What IAM
feature allows EC2 instances to securely interact with other AWS services without storing long-term
credentials?

Question:
For an application with EC2 instances needing secure interaction with other AWS services, what IAM
feature should be used to avoid storing long-term credentials?

a. IAM Policies
b. IAM Roles for EC2 Instances
c. IAM Users with Access Keys
d. IAM Groups with Cross-Account Access

20.Scenario:
An organization has a multi-tier web application where each tier requires specific permissions. What IAM
component should be used to grant permissions based on the principle of least privilege?

Question:
To implement the principle of least privilege in a multi-tier web application, which IAM component should
be used for fine-grained permissions?

a. IAM Policies
b. IAM Roles
c. IAM Users
d. IAM Groups

21.Scenario:
You are tasked with securing an AWS environment. The organization requires users to have temporary
access to AWS resources for a specific period. How can you achieve this using IAM?

Question:
What AWS IAM feature allows you to grant temporary access to AWS resources with a specific
timeframe?

a. IAM Policies
b. IAM Roles
c. IAM Users
d. IAM Groups

Prepared by :
Safayat Hosen Mishu
A cloud technology enthusiast
Email: [email protected]
22.Scenario:
A company wants to enforce Multi-Factor Authentication (MFA) for all IAM users. What is the
recommended way to achieve this?

Question:
How can you enforce Multi-Factor Authentication (MFA) for AWS IAM users?

a. Attach an MFA policy to each IAM user

Prepared by :
Safayat Hosen Mishu
A cloud technology enthusiast
Email: [email protected]