Security, Tracking and Compliance Flashcards
Cognito
User authentication/sign-in/access control through social identity providers (SAML).
Save data locally on devices for offline use.
Synchronization across multiple devices.
Which service uses SAML?
Cognito and Amazon SSO
Root cause analysis of security issues or suspicious activity
Detective
Difference between Detective and Inspector?
Detective: Used for root cause analysis of security issues.
Inspector: Used for finding unintended network access or vulnerabilities and recommends action according to best practice.
Finds unintended network access or vulnerabilities in EC2 instances and recommends action according to best practice.
Inspector
Threat detection service that alerts when it detects suspicious activity and indicators of account compromise.
GuardDuty
DDoS protection
Shield
Difference between Amazon Cloud Directory and Amazon Directory Service?
Cloud Directory is a fully managed, auto-scaling, cloud-native directory service.
Directory Service just allows Amazon services to be managed by your existing Microsoft AD setup (not cloud-native). Can be managed or unmanaged.
Used for building firewall rules and WAF deployments
Firewall Manager
AWS Identity and Access Management (IAM) enables what?
Federated identity
Roles, users, groups.
MFA
Where would you enable MFA for a user?
IAM
What is the difference between a role and a group?
Roles are permissions for actions performed by services.
Groups are permissions for actions performed by users.
Grants users permissions
groups
Grants services permissions
role
Which service allows federation, social identity providers, and SSO respectively?
federation - IAM
social identity provider - Cognito
SSO - AWS SSO