AWS Module 6 - Security Flashcards

1
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the primary function of Amazon Inspector?

A) Identifying root AWS accounts
B) Automating security assessments
C) Monitoring network traffic
D) Configuring Web Application Firewall

A

B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which AWS service provides comprehensive threat detection for the AWS infrastructure?

A) AWS Artifact
B) Amazon Macie
C) Amazon Cloud Directory
D) Amazon GuardDuty

A

D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the main purpose of AWS WAF (Web Application Firewall)?

A) Blocking specific IP addresses from accessing an AWS resource
B) Detecting and protecting against DDoS attacks
C) Performing automated security assessments
D) Providing compliance reports

A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which AWS service is used for centrally managing security alerts and compliance status across multiple AWS accounts?

A) AWS Secrets Manager
B) Amazon Detective
C) AWS Security Hub
D) AWS Audit Manager

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which service collects log data from AWS resources for security investigations?

A

Amazon Detective

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What security service uses machine learning to protect sensitive data in AWS?

A

Amazon Macie

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which service helps in continuous auditing of AWS usage for compliance purposes?

A

AWS Audit Manager

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which service enables the use of hardware security modules (HSM) on the AWS Cloud?

A

AWS CloudHSM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which service centrally manages AWS WAF rules across accounts and applications?

A

AWS Firewall Manager

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What AWS service deploys essential network protections for VPCs?

A

AWS Network Firewall

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What service provides a comprehensive view of security alerts across AWS accounts?

A

AWS Security Hub

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the essential steps involved in the GuardDuty process?
A) Analyze, Remediate, Store
B) Detect, Monitor, Review
C) Enable, Analyze, Intelligently Detect, Review
D) Monitor, Deploy, Act

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What types of logs does GuardDuty analyze for threat detection in AWS environments?

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

How can GuardDuty findings be acted upon if a threat is detected?
A) Automatically take remediation steps with AWS Lambda functions
B) Manually modify VPC security groups
C) Deploy additional network appliances
D) Escalate issues to AWS support team

A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the role of the AWS account root user in IAM?
A) Complete access to all the AWS services and resources
B) Limited access to specific AWS services
C) Complete access to a few AWS services
D) No access to any AWS services

A

A

17
Q

What is the primary function of IAM policies in AWS?
A) Assigning users to groups
B) Providing complete access to AWS services
C) Enforcing the security principle of least privilege
D) Assigning roles to IAM users

A

C

18
Q

What defines an IAM group in AWS IAM?
A) A set of AWS resources
B) A collection of permissions
C) A collection of IAM users
D) A set of IAM policies

A

C

19
Q

How do IAM roles function in AWS IAM?
A) Long-term access to resources
B) Temporary access to permissions
C) Permanent access to services
D) Shared access among users

A

B

20
Q

What is the primary function of AWS Organizations in managing AWS accounts?
A) Monitor network activity
B) Consolidate and manage multiple AWS accounts
C) Automatically configure IAM roles
D) Maintain VPC security

A

B

21
Q

What is the purpose of the root in AWS Organizations?
A) To manage organizational units
B) To define service control policies
C) To serve as the parent container for all accounts
D) To create individual API actions

A

C

22
Q

How do Organizational Units (OUs) help in AWS Organizations?
A) They enforce SCPs on the entire AWS organization
B) They define policies for individual AWS services
C) They group accounts with similar business or security requirements
D) They monitor user access to AWS resources

A

C

23
Q

What happens when a policy is applied to an Organizational Unit (OU) in AWS Organizations?
A) It applies to all AWS accounts in the organization
B) It restricts access to individual API actions
C) It automatically configures SCPs for each account
D) It inherits permissions for all accounts in the OU

A

D

24
Q

How can SCPs be used in AWS Organizations?
A) To define IAM user permissions
B) To monitor network traffic
C) To isolate workloads into separate OUs
D) To restrict access to specific AWS services and resources

A

D

25
Q

What does AWS Artifact primarily offer access to?
A) On-demand access to security personnel
B) AWS security and compliance reports
C) AWS free-tier resources
D) Artifact creation tools

A

B

26
Q

What are the two main sections of AWS Artifact?
A) AWS Authorization and Compliance
B) AWS Security and Compliance
C) AWS Artifact Agreements and AWS Artifact Reports
D) AWS Audit and Agreement Reports

A

C

27
Q

What do AWS Artifact Reports provide?
A) Reports on AWS stock performance
B) On-demand cloud resources
C) Compliance reports from third-party auditors
D) Cloud migration strategy reports

A

C