Multiple Choice
A Security Engineer is working with a Product team building a web application on AWS. The application uses Amazon S3 to host the static content, Amazon API Gateway to provide RESTful services; and Amazon DynamoDB as the backend data store. The users already exist in a directory that is exposed through a SAML identity provider. Which combination of the following actions should the Engineer take to enable users to be authenticated into the web application and call APIs? (Choose three.)
A) Create a custom authorization service using AWS Lambda.
B) Configure a SAML identity provider in Amazon Cognito to map attributes to the Amazon Cognito user pool attributes.
C) Configure the SAML identity provider to add the Amazon Cognito user pool as a relying party.
D) Configure an Amazon Cognito identity pool to integrate with social login providers.
E) Update DynamoDB to store the user email addresses and passwords.
F) Update API Gateway to use a COGNITO_USER_POOLS authorizer. Update API Gateway to use a COGNITO_USER_POOLS authorizer.
Correct Answer:
Verified
Correct Answer:
Verified
Q76: A company's Developers plan to migrate their
Q77: Auditors for a health care company have
Q78: An organization is using AWS CloudTrail, Amazon
Q79: During a recent security audit, it was
Q80: A financial institution has the following security
Q82: A threat assessment has identified a risk
Q83: An organization is using Amazon CloudWatch Logs
Q84: The Security Engineer for a mobile game
Q85: A recent security audit found that AWS
Q86: An audit determined that a company's Amazon