Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Certified Cloud Practitioner > Module 6: Security > Flashcards

Module 6: Security Flashcards

1
Q

Shared Responsibility Model

A

AWS is responsible for some parts of the environment (security of the cloud) and the customer is responsible for other parts (security in the cloud).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Customers (Security in the Cloud)

A
  • Customers are responsible for the security of everything that they create and put in the cloud.
  • Maintain complete control over the content stored on AWS, which AWS services are used, and who has access.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

AWS (Security of the Cloud)

A
  • Operates, manages, and controls the components at all layers of infrastructure.
  • Responsible for protecting the global infrastructure that runs all the services offered in the AWS Cloud.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

AWS Identity and Access Management (IAM)

A

Enables you to manage access to AWS services and resources securely.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

IAM Users

A
  • Represents the person or application that interacts with AWS services and resources.
  • Consists of name and credentials.
  • By default it has no permissions associated with it when created.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

IAM Policy

A

A document that allows or denies permissions to AWS services and resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

IAM Group

A

A collection of IAM users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

IAM Role

A
  • An identity that you can assume to gain temporary access to permissions.
  • Before an entity can switch roles, they must be granted permissions to switch to the role.
  • All permissions of the previous role are abandoned and the permissions of the new role are assumed.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

AWS Organizations

A
  • Used to consolidate and manage multiple AWS accounts within a central location.
  • Accounts ca be grouped into organization units to make it easier to manage accounts with similar business or security requirements.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Service Control Policies (SCPs)

A

Enable you to place restrictions on the AWS services, resources, and individual API actions that users and roles in each account can access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

AWS Artifact

A

A service that provides on-demand access to AWS security and compliance reports and select online agreements.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

AWS Artifact Agreements

A

Agreements can be reviewed, accepted, and managed for an individual account or all accounts in AWS Organizations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

AWS Artifact Reports

A

Provide compliances reports from third-party auditors.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Customer Compliance Center

A

Contains resources to help you learn more about AWS compliance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Denial-of-Service (DoS) Attack

A

A deliberate attempt to make a website or application unavailable to users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Distributed Denial-of-Service (DDoS) Attack

A
  • Multiple sources are used to start an attack that aims to make a website or application unavailable.
  • A single attacker can use multiple infected computers knows as “bots” to send excessive traffic to a website or application.
17
Q

AWS Shield

A

A service that protects applications against DDoS attacks.

18
Q

AWS Shield Standard

A
  • Automatically protects all AWS customers at no cost.

- Protects AWS resources from the most common, frequently occurring types of DDoS attacks.

19
Q

AWS Shield Advanced

A
  • A paid service that provides detailed attack diagnostics and the ability to detect and mitigate sophisticated DDoS attacks.
  • Can integrate it with AWS WAF by writing custom rules to mitigate complex DDoS attacks.
20
Q

AWS Key Management Service (AWS KMS)

A

Enables you to perform encryption operations through the use of cryptographic keys.

21
Q

AWS WAF

A
  • A web application firewall that lets you monitor requests that come into your web applications.
  • Does this by using a web access control list (ACL) to protect resources.
22
Q

Amazon Inspector

A
  • Helps to improve the security and compliance of applications by running automated security assessments.
  • Checks applications for security vulnerabilities and deviations from security best practices.
23
Q

Amazon GuardDuty

A
  • A service that provides intelligent threat detection for your AWS infrastructure and resources.
  • Identifies threats by continuously monitoring the network activity and account behavior within your AWS environment.

AWS Certified Cloud Practitioner (10 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions