Module 1: AWS Overview and Security

Looking for ‘AWS Cloud Technical Essentials module 1 answers’?

In this post, I provide complete, accurate, and detailed explanations for the answers to Module 1: AWS Overview and Security of Course 2: AWS Cloud Technical Essentials

Whether you’re preparing for quizzes or brushing up on your knowledge, these insights will help you master the concepts effectively. Let’s dive into the correct answers and detailed explanations for each question!

Week 1 Quiz

Graded Assignment

1. What are the four main factors that a solutions architect should consider when they must choose a Region?

  • Latency, price, service availability, and compliance ✅
  • Latency, high availability, taxes, and compliance
  • Latency, taxes, speed, and compliance
  • Latency, security, high availability, and resiliency

Explanation:
A solutions architect must assess:

  • Latency: Choose a Region closer to users to reduce delays.
  • Price: Costs vary by Region.
  • Service availability: Not all services are available in every Region.
  • Compliance: Data residency laws may require storing data in certain Regions.

2. True or False: Every action a user takes in AWS is an API call.

  • True ✅
  • False

Explanation:
Behind the scenes, AWS services are managed via APIs. Whether you’re using the console, CLI, or SDKs, each action translates into an API call.

3. Which statement BEST describes the relationship between Regions, Availability Zones and data centers?

  • Availability Zones are clusters of Regions. Regions are clusters of data centers.
  • Data centers are cluster of Availability Zones. Regions are clusters of Availability Zones.
  • Regions are clusters of Availability Zones. Availability Zones are clusters of data centers. ✅
  • Data centers are clusters of Regions. Regions are clusters of Availability Zones.

Explanation:

  • Region: Geographical area (e.g., us-east-1)
  • Availability Zone (AZ): Isolated location in a Region
  • Data centers: Physical infrastructure inside AZs

4. Which of the following is a benefit of cloud computing?

  • Run and maintain your own data centers.
  • Increase time-to-market.
  • Overprovision for scale.
  • Go global in minutes. ✅

Explanation:
Cloud computing lets you deploy applications worldwide quickly without investing in physical infrastructure.

5. A company wants to manage AWS services by using the command line and automating them with scripts. What should the company use to accomplish this goal?

  • AWS Management Console
  • AWS Command Line Interface (AWS CLI) ✅
  • AWS SDKs
  • AWS Management Console and AWS SDKs

Explanation:
The AWS CLI allows you to interact with AWS services via scripts and terminal commands.

6. What is a best practice when securing the AWS account root user?

  • Activate AWS Identity and Access Management (IAM) access to the Billing and Cost Management console
  • Use the root user for routine administrative tasks
  • Change account settings
  • Enable multi-factor authentication ✅

Explanation:
MFA adds an extra security layer to protect your AWS root account from unauthorized access.

7. A solutions architect is consulting for a company. When users in the company authenticate to a corporate network, they want to be able to use AWS without needing to sign in again. Which AWS identity should the solutions architect recommend for this use case?

  • AWS account root user
  • AWS Identity and Access Management (IAM) user
  • IAM Role ✅
  • IAM Group

Explanation:
IAM roles allow federated access, enabling users to assume roles after authenticating via an identity provider like an enterprise directory.

8. Which of the following can be found in an AWS Identity and Access Management (IAM) policy?

  • Effect
  • Action
  • Object
  • A and B ✅
  • B and C

Explanation:
IAM policies define:

  • Effect: Allow or deny
  • Action: Specific API actions
  • Resource: AWS resource affected (not “Object”)

9. True or False: AWS Identity and Access Management (IAM) policies can restrict the actions of the AWS account root user.

  • True
  • False ✅

Explanation:
The root user has full access by default and cannot be restricted using IAM policies.

10. According to the AWS shared responsibility model, which of the following is the responsibility of AWS?

  • Controlling the operating system and application platform, as well as encrypting, protecting, and managing customer data.
  • Managing customer data, encrypting that data, and protecting the data through network firewalls and backups.
  • Managing the hardware, software, and networking components that run AWS services, such as the physical servers, host operating systems, virtualization layers, and AWS networking components. ✅
  • Managing customer data, encrypting that data, and protecting the data through client-side encryption.

Explanation:
AWS is responsible for “security of the cloud” (infrastructure). Customers manage “security in the cloud” (data, config, etc.).

11. Which of the following is recommended if a company has a single AWS account, and multiple people who work with AWS services in that account?

  • All people must use the root user to work with AWS services on a daily basis.
  • The company should create an AWS Identity and Access Management (IAM) group, grant the group permissions to perform specific job functions, and assign users to a group, or use IAM roles. ✅
  • The company must create AWS Identity and Access Management (IAM) users, and grant users the permissions to perform specific job functions.
  • The company must create an AWS Identity and Access Management (IAM) user and grant the user the permissions to access all AWS resources.

Explanation:
Grouping users and managing permissions collectively is easier and more secure than assigning them individually.

12. True or False: According to the AWS shared responsibility model, a customer is responsible for security in the cloud.

  • True ✅
  • False

Explanation:
Under the shared responsibility model:

  • AWS: Secures infrastructure
  • Customer: Secures their applications, data, configs, etc.

13. Which of the following provides temporary credentials (that expire after a defined period of time) to AWS services?

  • Principle of least privilege
  • IAM role ✅
  • Identity provider (IdP)
  • AWS IAM Identity Center (successor to AWS Single Sign-On)

Explanation:
IAM roles are designed for temporary access. They are used by services, federated users, or applications needing time-limited credentials.

14. A user is hosting a solution on Amazon Elastic Compute Cloud (Amazon EC2). Which networking component is needed to create a private network for their AWS resources?

  • Virtual private cloud (VPC) ✅
  • Instance
  • Tags
  • Amazon Machine Image (AMI)

Explanation:
A VPC allows you to define a logically isolated network where you can launch AWS resources with custom IP ranges, subnets, and routing rules.

Related contents:

Module 2: Compute & Networking
Module 3: Storage & Databases on AWS
Modul 4: Monitoring & Optimization

You might also like:

Course 1: Introduction to Information Technology and AWS Cloud
Course 3: Providing Technical Support for AWS Workloads
Course 4: Developing Applications in Python on AWS
Course 5: Skills for Working as an AWS Cloud Consultant
Course 6: DevOps on AWS and Project Management
Course 7: Automation in the AWS Cloud
Course 8: Data Analytics and Databases on AWS
Course 9: Capstone: Following the AWS Well Architected Framework

Leave a Reply