Security

Question 1

Where can you find AWS compliance documentation?

Answer 1

AWS artifacts

Question 2

What is the shared responsibility model?

Answer 2

AWS responsible for security ‘of’ the cloud- Hardware, network e.t.c.
You are responsible for security ‘in’ the cloud- Bucket policy, turning on encryption

Question 3

What is AWS WAF?

Answer 3

Web Application Firewall- stops SQL injections vulnerabilities- designed to stop hackers

Question 4

What is AWS Shield?

Answer 4

AWS Shield is a DDOS mitigation service designed to stop DDOS attacks- overloading servers so they crash

Question 5

What is AWS Inspector?

Answer 5

Used for inspecting EC2 instances for vulnerabilities

Question 6

What is AWS trusted advisor?

Answer 6

Service to inspect whole AWS account (not just EC2). More than security includes cost optimization, performance and tolerance.

Question 7

What is AWS CloudTrail?

Answer 7

Audit- records management console actions and API calls

Question 8

What is Athena?

Answer 8

An interactive query service that allows you to query data located in S3 using standard SQL. Serverless. Commonly used used to analyse log data store in S3

Question 9

What is Macie?

Answer 9

Uses AI to identify PII- Personal Identifiable data. Can be used to analyse logs for suspicious API activity.