Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

AWS Cloud Practitioner > 6 - Security > Flashcards

6 - Security Flashcards

1
Q

Root account user

A

Owner of AWS account, can do anything inside account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Identify and access management (IAM)

A

Default to no permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

IAM policy

A

JSON document that describes what a user can/cannot make

Effect - allow/deny
Action - API call
Resource - what the API call is for

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

IAM group

A

Easier for assigning permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Role

A

Temp amounts of time, no username/password

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

organizations

A

Central location to manage AWS accounts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Service control policies (SCP)

A

Specify max permissions for member accounts in the org

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Artifact

A

Reports done by 3rd parties who validate compliance standards

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Customer compliance center

A

Stores all

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Distributed denial of service attacks (DDoS)

A

Attack on infrastructure, shut down app ability to function by overwhelming system to point it cannot operate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

HTTP level attack

A

Look like normal customer asking for normal things over and over and over

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

UDP flood

A

Bad actor sends request but uses your return address, your server is flooded

AWS - security groups

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Slowloris attack

A

Attacker pretends to have slow connection causing server to wait

AWS - elastic balancer waits until entire load is complete before sending to front end server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Web application firewall (WAF)

A

Filter incoming traffic for bad actors, machine learning, proactively defend at no cost

Advanced costs money, provides diagnostics

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

GuardDuty

A

Analyze continuous metadata from your account and identify threats, runs independently from AWS account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Inspector

A

Improves security and compliance by running auto assessment against your structure, detailed description and recommendation on how to fix

17
Q

Cognito

A

Enables you to handle authentication for app, user control, control access to resources

18
Q

Disaster control

A

Backup and restore - cheaper, new env launched

Pilot light - key infra running

Warm standby - scaled down version of full env, critical systems

Multi site - full env running, seamless

19
Q

Macie

A

Data protection by machine learning in S3, can detect personal info, dashboard and alerts

20
Q

Access control list

A

In and outbound traffic for subsets within VPC, default allows all traffic

AWS Cloud Practitioner (11 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions