Security & Compliance

Question 1

How to protect against DDoS on AWS (5 ways)

Answer 1

• AWS Shield Standard
• AWS Shield Advanced
• AWS WAF
• CloudFront
• Route 53

Question 2

What is AWS WAF?

Answer 2

Web Application Firewall, protects your application from common web exploits (layer 7)

Question 3

What is penetration testing?

Answer 3

Attacking your own infrastructure to carry out tests

Question 4

What is AWS KMS?

Answer 4

Key Management Service - AWS manages the encryption keys for us

Question 5

What is Certificate Manager (ACM)?

Answer 5

Lets you easily provision, manage and deploy SSL/TLS certificates

Question 6

What is Artifact?

Answer 6

A portal that provides customers with on-demand access to AWS compliance documentation and AWS agreements

Question 7

What is GuardDuty?

Answer 7

Uses machine learning algorithms to provide intelligent threat discovery to protect AWS accounts

Question 8

What is Inspector?

Answer 8

Provides automated security assessments for EC2 instances and ECR

Question 9

What is config?

Answer 9

Helps with auditing and recording compliance of your AWS resources by recording configurations and changes over time

Question 10

What is Macie?

Answer 10

A fully-managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS

Question 11

What is Security Hub?

Answer 11

A central security tool to manage security across several AWS accounts and automate security checks

Question 12

What is Amazon Detective?

Answer 12

Analyses, investigates and quickly identifies the root cause of security issues or suspicious activities

Question 13

What is AWS Abuse

Answer 13

Report suspected AWS resources used for abusive or illegal purposes