Security & Compliance

Question 1

What AWS service allows you to control access to your AWS services and resources?

Answer 1

Identity and Access Management (IAM)

Question 2

What AWS service helps protect your web applications against common web attacks?

Answer 2

Web Applications Firewall (WAF)

Question 3

What AWS product provides a managed Distributed Denial of Service (DDoS) protection service?

Answer 3

Sheild

Question 4

What AWS product helps you discover and protect sensitive data?

Answer 4

Macie

Question 5

What AWS product allows you to assess, audit, and evaluate the configurations of your resources?

Answer 5

Config

Question 6

What AWS service provides an intelligent threat detection system that uncovers unauthorized behavior?

Answer 6

GuardDuty

Question 7

What AWS service works with EC2 instances to uncover and report vulnerabilities?

Answer 7

Inspector

Question 8

What AWS service offers on-demand access to AWS security and compliance reports?

Answer 8

Artifact

Question 9

What AWS product helps you control user/customer access to mobile and web applications?

Answer 9

Cognito

Question 10

What AWS service allows you to generate and store encryption keys?

Answer 10

Key Management Service (KMS)

Question 11

What AWS product provides a hardware security module used to generate encryption keys?

Answer 11

CloudHSM

Question 12

What AWS service allows you to manage and retrieve secrets (passwords or keys)?

Answer 12

Secrets Manager

Question 13

What outlines your responsibilities vs AWS when it comes to security and compliance?

Answer 13

Shared Responsibility Model

Question 14

What describes design principles and best practices for running workloads in the cloud?

Answer 14

Well-Architected Framework

Question 15

What are the 6 Pillars of the Well-Architected Framework?

Answer 15

Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, Sustainability

Question 16

What type of AWS Security object defines permissions that can be attached to a user or group?

Answer 16

Policy

Question 17

What type of security object is an identity you can create, has specific permissions with credentials that are valid for short durations, can be temporarily assumed by entities that you trust, and is not associated with a specific user or group?

Answer 17

Roles

Question 18

What type of security object defines an identity with long-term credentials that is used to interact with AWS in an account?

Answer 18

IAM User

Question 19

What type of security object is used to specify permissions for a collections of users?

Answer 19

User Group

Question 20

What type of security object is used to secure S3 buckets?

Answer 20

Bucket Access Policy

Question 21

What type of security object is used to protect an EC2 instance?

Answer 21

Security Group