Module 5: Security services

Question 1

What is AWS cloudHSM?

Answer 1

It is used for cryptography and provides a way to secure your keys.

Question 2

What is AWS Network Firewall?

Answer 2

Is a service to secure your VPC, you can monitor it using clodtrails, cloudwatch and aws config.

Question 3

What is AWS audit manager?

Answer 3

Is a tool that helps you to audit your aws usage according to autorities and industry standars. it comes with a kinf of framework that by default has in it like compliance configuration and also helps you to present reports to stakeholders.

Question 4

What is amazon Cognito?

Answer 4

Is an identity service used to allow user authentication through third party applications into your aws resources. You can use it in web and mobile apps.

Question 5

What is an identity pool?

Answer 5

Is used in amazon cognito to give credentials to access S3, dynamo db, etc.. to guest users (anonymous users)

Question 6

What is an user pool?

Answer 6

Is a directory in amazon cognito that allows you to sign in users into aws resources. When you create a pool and a user is signed to it, cognite gives the user a pool token used to access to other aws resources.

Question 7

What is AWS SSO (single sign on) -> IAM Identity center

Answer 7

Is a service used mostly by IT people to deploy or use services in other accounts without loggin on them. (it is used in AWS organizations)

Question 8

What is Amazon detective?

Answer 8

Is a service that use machine learning applied on your logs to detect suspicious activity.

Question 9

What is AWS GuardDuty?

Answer 9

Is a regional service used to analyze billlons of events from cloudtrail (API activity and aws management), DNS logs and VPC logs (ntwrok traffic data) other aws services. It can dettect inusual API activities on your services, instance compromise (crypto mining) , high volume network traffic, EC2 credentials exposed, accaount changes, etc..

Question 10

Amazon Guard duty vs Macie

Answer 10

The difference is that Macie operates at S3 level and GuardDuty is used to give protection to all of your aws accounts.

Question 11

What is Amazon inspector?

Answer 11

Is a service used to secure your EC2 instances and the applications running on it. Inspector also generates a report you can see.

Question 12

What is an Amazon inspector agent?

Answer 12

Is installed in your EC2 instance to detect vulnerabilities.

Question 13

What is Amazon Macie?

Answer 13

Is a service on aws that uses machine learning to protect, detect and secure sensitive data in aws resources (S3). For example if we have our ID inside a Bucjet or that kind of things.

Question 14

What is Amazon certificate Manager?

Answer 14

Is a service used to create SSL and TLS certificate (the certificates that you assign to your domains in order to secure networking)

Question 15

What is Amazon firewall manager?

Answer 15

it is integrated with AWS organizations and help you to configure firewall configurations to all aws accounts through firewall manager polices

Question 16

What is amazon Key management service (KSM)?

Answer 16

Is a service used to encrypt your data in aws. is similar to amazon kehsm but the difference is that KSM offers a multi tenant service and is used in RDS and EBS to encrypt data .This service is used in CloudTrail too.

Question 17

What is AWS secret manager?

Answer 17

A secret basicallty is a set of credentials (username and password), sensitive information, etc.. So basically AWS secrets manager is a service used to store this keys, here you can manage them, edit them, rotate them (creating a new key)

Question 18

What is AWS security hub?

Answer 18

Is a audit service that give you information about your security state and aslo if you are following security standars, thorugh the collection of information from guardshield, inspector, firewall manager and others. Is used mostly in an organization level and also helps you to organize alerts collected from other security services.

Question 19

What is AWS shield?

Answer 19

Is a service used for prevent and stop Ddos attack in a network level (ELB, Cloudfront, Route 53).

Question 20

What is AWS WAF?

Answer 20

is a application firewall service, so it acts like a web traffic filter at a application level. In order to do it you have to configure web acces control list.