Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS CCP > Module 6 - Security > Flashcards

Module 6 - Security Flashcards

1
Q

Explain the AWS shared responsibility model.

A

Means that both AWS and the customer is responsible for customers security
- Customers: security in the cloud (e.g., their own content)
- AWS: security of the cloud (e.g., global infrastructure of the cloud, data centers)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is Amazon IAM? (explain IAM users and IAM role)

A

Amazon Identity and Access Management
- enables you to manage access to AWS services and resources securely
- gives you the flexibility to configure access based on your company’s specific operational and security needs

IAM users - an identity that you create in AWS - represent the person/application that interacts with AWS services and resources - consists of name and credentials (has no permissions by default)
IAM role - an identity that you can assume to gain temporary access to permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a Root user?

A

Owner of an AWS account (no one can restrict you as a Root User) - the root user restricts the other users in a given team/network (think of as owner of a coffee shop)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is MFA?

A

Multi-Factor Authentication - e.g., second form of authentication in addition to password to verify your identity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Explain AWS Organisations.

A

If your company has multiple AWS accounts - you can use AWS Organisations to consolidate and manage multiple AWS accounts within a central location

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Explain SCPs.

A

Service Control Policies - allows you to centrally control permissions for accounts in your organisation (enable you to place restrictions on the AWS services, resources, and individual API actions)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is AWS Artifact?

A

A service that provides on-demand access to AWS security and compliance reports and select online agreements - consists of two main sections: AWS Artifact Agreements and AWS Artifact Reports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Explain DoS Attack and DDoS attacks.

A

DoS - Denial of Service attack - deliberate attempt to make a website or application unavailable to users (e.g., hacker) - attack originates from a single source
DDoS - Distributed Denial of Service attack - attack originates from multiple sources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is AWS Shield?

A

A service that protects applications against DDoS attacks. AWS Shield provides two levels of protection: Standard (free) and Advanced (paid)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is AWS KMS?

A

Key Management Service - enables you to perform encryption operations through the use of cryptographic keys

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is AWS WAF?

A

Web Application Firewall - lets you monitor network requests that come into your web applications
- works with Amazon CloudFront and an Application Load Balancer
- uses a Network ACL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is Amazon GuardDuty?

A

A service that provides intelligent threat detection for your AWS infrastructure and resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

AWS CCP (10 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions