Module 6: Security Flashcards

1
Q

A way to consolidate and manage multiple AWS accounts within a central location.

A

AWS Organizations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

In AWS Organizations, you can centrally control permissions for the accounts in your organization by using

A

service control policies (SCPs)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

This enable you to place restrictions on the AWS services, resources, and individual API actions that users and roles in each account can access.

A

service control policies (SCPs)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What can SCPs be applied to

A

An individual member account
root
OU

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

An identity that you create in AWS

A

IAM user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

IAM users have no default permissions assigned, True or False

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A document that allows or denies permissions to AWS services and resources

A

IAM policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A collection of IAM users

A

IAM group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

An identity that you can assume to gain temporary access to permissions

A

IAM role

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

shared responsibility model: Database

A

AWS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

shared responsibility model: Server side encryption

A

Customer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

shared responsibility model: Networking

A

AWS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

shared responsibility model: Storage

A

AWS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

shared responsibility model: Customer Data

A

Customer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

shared responsibility model: Storage

A

AWS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

shared responsibility model: Regions

A

AWS

17
Q

shared responsibility model: Network traffic protection

A

Customer

18
Q

a service that provides on-demand access to AWS security and compliance reports and select online agreements

A

AWS Artifact

19
Q

With this you can review, accept, and manage agreements for an individual account and for all your accounts in AWS Organizations. Different types of agreements are offered to address the needs of customers who are subject to specific regulations, such as the Health Insurance Portability and Accountability Act (HIPAA).

A

AWS Artifact Agreements

20
Q

This report provides compliance reports from third-party auditors

A

AWS Artifact Reports

21
Q

A service that protects applications against DDoS attacks

A

AWS Shield

22
Q

AWS Shield provides two levels of protection:

A

Standard and Advanced

23
Q

This level of aws shield automatically protects all AWS customers at no cost. It protects your AWS resources from the most common, frequently occurring types of DDoS attacks.

A

Standard

24
Q

This level of aws shield is a paid service that provides detailed attack diagnostics and the ability to detect and mitigate sophisticated DDoS attacks.

A

Advanced

25
Q

This level of aws shield integrates with other services such as Amazon CloudFront, Amazon Route 53, and Elastic Load Balancing. Additionally, you can integrate AWS Shield with AWS WAF by writing custom rules to mitigate complex DDoS attacks.

A

Advanced