Topic 1 Question 213
2 つ選択A security engineer discovers that a company’s user passwords have no required minimum length. The company is using the following two identity providers (IdPs): • AWS Identity and Access Management (IAM) federated with on-premises Active Directory • Amazon Cognito user pools that contain the user database for an AWS Cloud application that the company developed
Which combination of actions should the security engineer take to implement a required minimum length for the passwords?
Update the password length policy in the IAM configuration.
Update the password length policy in the Cognito configuration.
Update the password length policy in the on-premises Active Directory configuration
Create an SCP in AWS Organizations. Configure the SCP to enforce a minimum password length for IAM and Cognito.
Create an IAM policy that includes a condition for minimum password length. Enforce the policy for IAM and Cognito.
ユーザの投票
コメント(1)
- 正解だと思う選択肢: BC
For Amazon Cognito: You can configure password length requirements directly in Cognito user pools5 The minimum password length can be set between 6 and 99 characters, though users can set passwords up to 256 characters long5 This is configured through the Password Policy settings in the Cognito user pool5 For Active Directory (federated with IAM): Since IAM is federated with on-premises Active Directory, the password policies are managed at the Active Directory level13 Password length requirements can be configured in Active Directory through Group Policy settings13 Changes must be made in Active Directory, not IAM, since AD is the authoritative source for authentication
👍 2youonebe2025/01/08
シャッフルモード