CPC Prep AWS Compliance Flashcards
What enables you to understand the robust controls in place at AWS to maintain security and data protection in the cloud? These programs include: certifications/attestations; law, regulations, and privacy; & alignments/frameworks
AWS Compliance
As systems are built on top of AWS Cloud Infrastructure who is responsible for compliance?
Shared responsiblity
Which AWS service is a central resource for compliance-relation that provides on-demand access to AWS security and compliance reports and select online agreements?
AWS Artifact
Which AWS service provides on-demand access to Service Organization Control, Payment Card Industry reports and certifications from accreditation bodies across the world, compliance that validate the implementation and operating effectiveness of AWS security controls?
AWS Artifact
Which AWS Organizations feature defines the AWS service actions that are available for use and how you can limit the actions taken on an AWS account?
Service Control Policies (SCP)
Which AWS Organizations feature enforces rules around tagging across accounts and OUs?
Tag Policies
Which AWS service provides and automated security assessment service that helps improve security and compliance of applications deployed on AWS?
Amazon Inspector
Which AWS service automatically assesses applications for vulnerabilities or deviations from best practices and uses an agent installed on EC2 where the instances must be tagged?
Amazon Inspector
Which AWS service protects against common exploits that could compromise application availability, compromise security, or consume excessive resources?
AWS Web Application Firewall (WAF)
Which AWS service safeguards web applications running on AWS with alway-on detection and automatic inline mitigations?
AWS Shield
Which AWS service is a managed DDoS protection service that minimizes application downtime and latency and is integrated with Amazon CloudFront?
AWS Shield
What are the two AWS Shield pricing tiers?
- Standard - free
2. Advanced - visibility & reporting; incident management
Which AWS service manages WAF and AWS Shield?
AWS Firewall Manager
Which AWS service is a fully managed data security and data privacy service the uses machine learning and pattern matching to discover, monitor, or help protect sensitive data on Amazon S3?
Amazon Macie
Which AWS service enables security compliance and preventive security to identify a variety of data types including PII, PHI, HIPPA, regulatory documents, API keys, and secret keys?
Amazon Macie
Which AWS service identifies changes to policy and access control lists; continuously monitors the security posture of Amazon S3; and generates security findings that can viewed on Macie Console, AWS Security Hub, or Amazon Eventbridge?
Amazon Macie