Security and Compliance

Question 1

What is the basis of the AWS Shared Responsibility Model?

Answer 1

Question 2

How does AWS responsibility model hold for: RDS?

Answer 2

Question 3

How does AWS responsibility model hold for: S3?

Answer 3

Question 4

What are the DDOS protections for AWS?

Answer 4

Question 5

What is AWS Shield?

Answer 5

Question 6

What is AWS WAF? What layer is protected?

Answer 6

Question 7

What is the AWS Network Firewall? What does it protect against?

Answer 7

Question 8

What is Penetration Testing? How does it work with AWS?

Answer 8

Question 9

What is the difference between data at rest and data in transit?

Answer 9

Question 10

What is AWS KMS?

Answer 10

Question 11

What is CloudHSM?

Answer 11

Question 12

What is a CMK? What are the different types?

Answer 12

Question 13

What service helps with in-flight encryption and SSL/TLS

Answer 13

Tip: service helps with in-flight encryption and SSL/TLS certificates

Question 14

What is AWS Secrets Manager?

Answer 14

Tip: secrets for RDS and need to be rotated

Question 15

What is AWS Artifact?

Answer 15

Question 16

What is AWS GuardDuty?

Answer 16

Question 17

What is Amazon Inspector?

Answer 17

Question 18

AWS Inspector is only for? What does it evaluate?

Answer 18

EC2 instances, Container Images & Lambda
functions

Question 19

What is AWS Config?

Answer 19

Question 20

What is Amazon Macie?

Answer 20

Question 21

What is AWS Security Hub?

Answer 21

Question 22

What is AWS Detective?

Answer 22

Question 23

What is AWS Abuse?

Answer 23

Question 24

What are the AWS Root User Privileges? What are the four most important ones?

Answer 24

Four most important:

Change account settings
Close your AWS account
Change or cancel your AWS Support plan
Register as a seller in the Reserved Instance Marketplace

Question 25

What is IAM Access Analyzer? What is the principle behind it?

Answer 25

Question 26

Security and Compliance Summary

Answer 26