AWS Mgt Tools Flashcards
1
Q
AWS GuardDuty
A
- Intelligent Threat Detection
- Continuous Monitoring for Malicious Activity
- Delivers detailed findings
2
Q
AWS Inspector
A
- Vulnerability Scanning
- EC2 and ECR
- Continually scans AWS workloads for vulns / unintended Network Exposure
3
Q
AWS Trusted Advisor
A
- AWS Best Practices
- Evaluates your account to optimize your AWS infra
- Base and Dev support - Core checks
- Business and Enterprise support - All checks
4
Q
AWS Config
A
- Evaluates AWS configs for desired settings
- Active and Historical
- Notifications when ever resources are created or modified
5
Q
AWS Certificate Manager (ACM)
A
- Create, Store, and Renew SSL/TLS Certs
6
Q
AWS Secrets Manager
A
- Stores and Rotates secrets without the need for code
- Auto Rotate for
- RDS (MySQL, Postgress, Aurora)
- Redshift
- Document DB
7
Q
AWS Resource Account Manager (RAM)
A
- Sharing of resources
- Across AWS accounts
- Within Orgs and OUs
- IAM Roles and Users
8
Q
AWS Personal Health Dashboard
A
- Provides Alerts and Remediation
- AWS outages
9
Q
AWS CloudHSM
A
- Generate and Use your own encryption keys on AWS
- In your vpc
- Protects private keys from issuing CA
10
Q
AWS Shield
A
- Managed DDOS Protection
- Integrated with CloudFront
- Standard - No Cost
- Advanced - 3k a month / 1 year commitment
11
Q
AWS SAM (Serverless Application Model)
A
- Extension of CloudFormation for Serverless
12
Q
AWS Systems Manager
A
- Centralized console and toolset for a wide variety of system management tasks
- centralize operation data from multiple AWS services
- ## automate tasks across your aws resources
13
Q
AWS CloudFormation
A
- IaaS provisioning
- Creates Stacks
- Uses Templates
14
Q
CloudFormation Stacksets
A
- Create, Update, or delete stacks across multiple accounts and regions with a single operation
15
Q
AWS Athena supports SSE and Client Side encryption on S3
A
Yes… you can read and write using encryption