Security and Compliance Flashcards
What is the basis of the AWS Shared Responsibility Model?

How does AWS responsibility model hold for: RDS?

How does AWS responsibility model hold for: S3?

What are the DDOS protections for AWS?

What is AWS Shield?
What is AWS WAF? What layer is protected?
What is the AWS Network Firewall? What does it protect against?
What is Penetration Testing? How does it work with AWS?

What is the difference between data at rest and data in transit?

What is AWS KMS?

What is CloudHSM?

What is a CMK? What are the different types?

What service helps with in-flight encryption and SSL/TLS
Tip: service helps with in-flight encryption and SSL/TLS certificates

What is AWS Secrets Manager?
Tip: secrets for RDS and need to be rotated

What is AWS Artifact?

What is AWS GuardDuty?
What is Amazon Inspector?

AWS Inspector is only for? What does it evaluate?
EC2 instances, Container Images & Lambda
functions
What is AWS Config?

What is Amazon Macie?

What is AWS Security Hub?

What is AWS Detective?

What is AWS Abuse?
What are the AWS Root User Privileges? What are the four most important ones?
Four most important:
Change account settings
Close your AWS account
Change or cancel your AWS Support plan
Register as a seller in the Reserved Instance Marketplace
What is IAM Access Analyzer? What is the principle behind it?
Security and Compliance Summary