Security & Compliance Flashcards
What service protects against DDoS attacks for all customers at no additional costs
AWS Shield Standard
Premium service that protects against more sophisticated attacks at a cost of $3,000 per month per org.
AWS Shield Advanced
What service is a web application firewall that helps you protect against common web exploits and bots that can affect availability, compromise security, or consume excessive resources?
AWS WAF
What two services help mitigate DDoS attacks by utilizing the Edge?
CloudFront & Route53
What are prohibited activities when doing penetration test?
DNS
DoS or DDoS
Port Flooding
Protocol Flooding
Request Flooding
True or False: You can do any type of penetration testing on your applications within AWS?
False
At what two points does encryption need to take place for data?
At Rest & In Transit
Which service lets you create, manage, and control cryptographic keys across your applications and AWS services?
AWS KMS
What service does AWS provision encryption hardware where users manage encryption keys?
CloudHSM
What service provisions, manages, and deploys SSL/TLS Certificates?
AWS Certificate Manager
Helps you manage, retrieve, and rotate database credentials, API keys, and other secrets throughout their lifecycles.
AWS Secrets Manager
Provides on-demand access to security and compliance reports from AWS and ISVs who sell their products on AWS Marketplace.
AWS Artifact
Threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation. Uses ML and 3rd, party data.
AWS GuardDuty
What service can protect against CryptoCurrency attacks?
AWS GuardDuty
Automated vulnerability/security management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure.
AWS Inspector
