DS0-001 · Question #125
DS0-001 Question #125: Real Exam Question with Answer & Explanation
The correct answer is A: Identity and access management. Identity and Access Management (IAM) is the correct choice because it is a comprehensive framework specifically designed to handle both authentication (verifying who is signing in) and authorization (controlling what they can access) - covering both requirements in the question.
Question
An IT department needs to validate who signs in and has permissions to use the company's cloud resources. Which of the following can be used to accomplish this task?
Options
- AIdentity and access management
- BService accounts
- CPassword policies
- DAccess controls
Explanation
Identity and Access Management (IAM) is the correct choice because it is a comprehensive framework specifically designed to handle both authentication (verifying who is signing in) and authorization (controlling what they can access) - covering both requirements in the question.
Why the distractors fall short:
- B. Service accounts are a type of identity used by applications or automation, not a system for validating human user sign-ins and permissions broadly.
- C. Password policies address only one aspect of authentication (password rules) and do nothing to manage permissions or resource access.
- D. Access controls handle authorization (permissions) but not authentication (identity validation) - they're a component of IAM, not the full solution.
Memory tip: Think of IAM as the "bouncer + guest list" system - it checks your ID at the door (authentication) and decides which rooms you're allowed into (authorization). Whenever a question mentions both who and what they can do, IAM is almost always the answer.
Community Discussion
No community discussion yet for this question.