Security Flashcards
What customers are responsible for
IN the cloud, data, configuration
What AWS is responsible for
Security OF the cloud, hardware, Operation of Managed Services, Global Infrastructure
AWS Compliance Programs
A set of internal policies and procedures of a company to comply with laws, rules, and regulations
Example: HIPAA
AWS Artifact
No cost, self service portal for on demand access to AWS compliance reports
Amazon Inspector
Security benchmark on EC2
AWS WAF
Web Application Firewall - Protect applications from web exploits. OWASP top 10 dangerous attacks
DDoS Attack
A malicious attempt to disrupt normal traffic by flooding a website with a large amount of fake traffic
AWS Shield
Protects from DDoS attacks
AWS Shield Free vs advanced
Free covers from common attacks, and advance covers more sophisticated attacks and DDoS experts 24/7
Penetration Testing
An autorized simulated cyberattack on a computer system. Performed to evaluate the security of the system
GuardDuty
Threat detection service that monitors for malicious, suspicious, and unauthorized behavior. IDS/IPS
IDS/IPS
Intrusion Detection System and Intrusion Protection System
Key Management Service (KMS)
Create encryption keys to encrypt data
Amazon Macie
Monitors S3 data access activities for anomalies
Security Groups
Acts as a firewall at the instance level - create allow rules
