ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 165 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 165
Topic #: 1
[All AWS Certified Security - Specialty Questions]

A company uses Microsoft Active Directory for access management for on-premises resources, and wants to use the same mechanism for accessing its AWS accounts. Additionally, the Development team plans to launch a public-facing application for which they need a separate authentication solution.
Which combination of the following would satisfy these requirements? (Choose two.)

  • A. Set up domain controllers on Amazon EC2 to extend the on-premises directory to AWS.
  • B. Establish network connectivity between on-premises and the user's VPC.
  • C. Use Amazon Cognito user pools for application authentication.
  • D. Use AD Connector for application authentication.
  • E. Set up federated sign-in to AWS through ADFS and SAML.
Show Suggested Answer Hide Answer
Suggested Answer: AB 🗳️
by JackLee1 at Aug. 29, 2020, 3:39 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JackLee1
Highly Voted 3 years, 7 months ago
C & E are right
upvoted 26 times
ucsdmiami2020
3 years, 6 months ago
Refer to the following AWS reference to further support that C & E are right https://aws.amazon.com/blogs/security/enabling-federation-to-aws-using-windows-active-directory-adfs-and-saml-2-0/
upvoted 10 times
...
...
sanjaym
Highly Voted 3 years, 6 months ago
I'll go with CE
upvoted 5 times
...
Raphaello
Most Recent 1 year, 2 months ago
Selected Answer: CE
CE are correct, though by saying " public-facing application " it implies it is available to the public..and if so using AD/ADFS won't work. Again, not the best worded question.
upvoted 1 times
...
ITGURU51
2 years ago
CE Use Cognito to authenticate web applications. Enable federation.
upvoted 1 times
...
MoreOps
3 years ago
Selected Answer: CE
C and E are the right ones
upvoted 1 times
...
jtzt2003
3 years, 5 months ago
C & E are correct. The clue for the AD component is 'accessing their AWS accounts'. For this they'd use SAML. If it was to access AWS services, then A, D or E would work.
upvoted 3 times
...
Hungdv
3 years, 6 months ago
Why not C and D?
upvoted 1 times
acloudguru
3 years, 5 months ago
D : only get your AD information, not a full solution ,Application needs authentication, so the next step is E
upvoted 1 times
...
Hungdv
3 years, 6 months ago
D is wrong for additional application authentication. So C and E are answers
upvoted 1 times
...
vbal
2 years, 7 months ago
AD Connector cannot be used with your custom applications.
upvoted 1 times
...
...
cbellingerx1
3 years, 6 months ago
C & E are the correct answers.
upvoted 1 times
...
sunilrch
3 years, 6 months ago
CE is the correct answer C - separate authentication mechanism for applications
upvoted 1 times
...
farziuser
3 years, 6 months ago
C - as they mentioned seperate authentication is needed for web application. Here we can use Cognito E - ADFS and SAML
upvoted 5 times
...
deegadaze1
3 years, 6 months ago
B&E are Correct!
upvoted 2 times
...
Pratap
3 years, 6 months ago
Is it not B and E
upvoted 1 times
Dic
3 years, 6 months ago
B E use same authentication
upvoted 1 times
...
...
Jack_London
3 years, 6 months ago
... in case someone thought AD Connector could be used for application auth (like I did), here is why that won't work: https://aws.amazon.com/blogs/security/how-to-connect-your-on-premises-active-directory-to-aws-using-ad-connector/ It is a bit misleading because the question doesn't talk about users wanting to use social media Id providers like Google, Facebook, which normally appear in the question when Cognito is a right answer
upvoted 4 times
vijayendra
3 years, 6 months ago
it say public facing in question
upvoted 1 times
...
...
Tester3
3 years, 7 months ago
C & E.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago