1. A company is planning on using AWS(Amazon Web Service) for hosting their applications. They want complete separation and isolation of their production, testing and development environments. Which of the following is an ideal way to design such a setup? Please select:

A) Use separate VPC?S for each of the environments
B) Use separate AWS(Amazon Web Service) accounts for each of the environments
C) Use separate lAM Roles for each of the environments
D) Use separate lAM Policies for each of the environments



2. Your company has defined privileged users for their AWS(Amazon Web Service) Account. These users are administrators for key resources defined in the company. There is now a mandate to enhance the security authentication for these users. How can this be accomplished?

A) Enable MFA for these user accounts
B) Enable accidental deletion for these user accounts
C) Disable root access for the users
D) Enable versioning for these user accounts



3. Your company has been using AWS(Amazon Web Service) for the past 2 years. They have separate 53 buckets for logging the various AWS(Amazon Web Service) services that have been used. They have hired an external vendor for analyzing their log files. They have their own AWS(Amazon Web Service) account. What Is the best way to ensure that the partner account can access the log files in the company account for analysis. Choose 2 answers from the options given below Please select:(Select 2answers)

A) Create an lAM Role in the company account
B) Ensure the lAM user has access for read-only to the 53 buckets
C) Create an lAM user In the company account
D) Ensure the lAM Role has access for read-only to the S3 buckets



4. Your company is hosting a set of EC2 Instances in AWS. They want to have the ability to detect if any port scans occur on their AWS(Amazon Web Service) EC2 Instances. Which of the following can help in this regard? Please select:

A) Use AWS(Amazon Web Service) Guard Duty to monitor any malicious port scans
B) Use AWS(Amazon Web Service) Trusted Advisor to notify of any malicious port scans
C) Use AWS(Amazon Web Service) Inspector to consciously inspect the instances for port scans
D) Use AWS(Amazon Web Service) Config to notify of any malicious port scans



5. Your company is planning on developing an application in AWS. This is a web based application. The application users will use their facebook or google Identities for authentication. Which of the following is step you include in your Implementation for the web application?

A) Create an OIDC identity provider in AWS
B) Ensure the Security Groups in the VPC only allow requests from the Google and Facebook Authenticatio servers.
C) Create an OIDC provider In both Google and Facebook
D) Create a SAML provider in AWS