Exam AWS Certified Cloud Practitioner topic 1 question 196 discussion

agreed

A. Control access to AWS service APIs and to other specific resources. C. Protect the AWS environment using multi-factor authentication (MFA).

A and C is right

Answer is correct, AC.

Answer is correct, AC. A. IAM allows you to manage permissions and access to various AWS service APIs and specific resources such as Amazon S3 buckets, EC2 instances, and more. IAM provides fine-grained control over what actions users and roles can perform within the AWS environment. C. IAM supports multi-factor authentication (MFA), which adds an extra layer of security to AWS accounts. MFA requires users to provide two or more forms of identification (e.g., password and a temporary authentication code from a virtual MFA device or hardware MFA token) before they can access AWS resources. D is incorrect, IAM does not control physical access to AWS data centers.

IAM allows you to manage user access to various AWS resources and services. It enables you to create and manage user accounts, grant permissions, and define policies to control access to AWS resources. With IAM, you can control who can access your AWS environment and what actions they can perform.

AWS multi-factor authentication (MFA) is an AWS Identity and Access Management (IAM) best practice that requires a second authentication factor in addition to user name and password sign-in credentials. You can enable MFA at the AWS account level and for root and IAM users you have created in your account.

AC is the answer.

A is obvious. But why not B ? Thread detection check is for when any role or users are able to access anything they shouldn't be !

With IAM, I can control (A)Access to AWS resources & (D)Access to Data Center (Digitally) How is C even relevant, Protecting AWS environment with MFA? If anything it would be protecting IAM account.

nothing to to here with web prottection

why D is not answer

Answer is AD

agree with the answer

The three others have nothing to do with IAMs