AWS Certified Cloud Practitioner (CLF-C02) — Question 559

Which of the following actions are controlled with AWS Identity and Access Management (IAM)? (Choose two.)

Answer options

• A. Control access to AWS service APIs and to other specific resources.
• B. Provide intelligent threat detection and continuous monitoring.
• C. Protect the AWS environment using multi-factor authentication (MFA).
• D. Grant users access to AWS data centers.
• E. Provide firewall protection for applications from common web attacks.

Correct answer: A, C

Explanation

AWS Identity and Access Management (IAM) is designed to securely manage access to AWS service APIs and resources, and it supports securing accounts using multi-factor authentication (MFA). Other tasks like threat detection, physical data center security, and web application firewalls are handled by Amazon GuardDuty, AWS physical security teams, and AWS WAF, respectively.