Coursera Answers

AWS Fundamentals: Addressing Security Risk Week 2 Quiz Answer

AWS Fundamentals Addressing Security Risk Week 1 Quiz Answer


AWS Fundamentals: Addressing Security Risk Week 2 Quiz Answer


Week 2 —- Quiz 1 Answer


Question 1)

Which statement is true?

  • To use AWS Private Link, the VPC is required to have a NAT device
  • You can only attach 1 elastic network interface (ENI) to each EC2 instance launched in VPC
  • By default, each instance that you launch into a nondefault subnet has a public IPv4 address
  • Traffics within an Availability Zone, or between Availability Zones in all Regions, are routed over the AWS private global network



Question 2)

W​hat is a Security Group?

  • Control who in your organization has permission to create and manage VPC flow logs
  • Capture information about the IP traffic going to and from network interfaces in your VPC
  • Act as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level
  • Act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level



Question 3)

How many types of VPC Endpoints are available?


  • One: VPC
  • Two: Amazon S3 and DynamoDB
  • Two: Gateway Endpoint and Interface Endpoint
  • Many. Each AWS Service will be supported by 1 type of VPC Endpoints



Question 4)

Which of these AWS resources cannot be monitored using VPC Flow logs?


  • V​PC
  • A​ subnet in a VPC
  • An Internet Gateway attached to VPC
  • A network interface attached to EC2



Question 5)

You can route traffic to a NAT Gateway through:


  • VPC Peering
  • Site-to-Site VPN connection
  • AWS Direct Connect
  • None of the above




Week 2 —- Quiz 2 Answer


Question 1)

What AWS Services keeps a record of who is interacting with your AWS Account?


  • Amazon Auditor
  • AWS AccountMonitor
  • Amazon ServiceLog
  • AWS CloudTrail



Question 2)

Which of the following are monitoring and logging services available on AWS? Select all that apply.


  • Amazon Beehive
  • Amazon Config
  • AWS CloudWatch
  • AWS CloudLogger



Question 3)

Which of the following sections from Trusted Advisor exists under the Well-Architected Framework as a pillar as well?


  • Security
  • Cost Transparency
  • Operational Excellence
  • Fault Tolerance



Question 4)

If you wanted to accomplish threat detection in your AWS Infrastructure, which of the following services would you use?


  • Amazon S3
  • AWS DynamoDB
  • AWS GuardDuty
  • Amazon ThreatDetector



Question 5)

Which AWS Service has an optional agent that can be deployed to EC2 instances to perform a security assessment?


  • AWS Assessor
  • Amazon Agent
  • AWS EC2Deploy
  • Amazon Inspector