Security Flashcards
(38 cards)
The _____ ______ ______ outlines your responsibilities vs. ____’s when it comes to security compliance
- Shared Responsibility Model, AWS
The ___-_____ ______ describes design principles and best practices for running workloads in the cloud. It has __ pillars you can lean on when you are designing Cloud Ecosystems
Well-Architected Framework, 6
The 6 Pillars of a Well-Architected Framework:
- Operational Excellence:
- Security:
- Reliability:
- Performance Efficiency
- Cost Optimization
- Sustainability
AWS is responsible for security __ the cloud.
You are responsible for security __ the cloud.
OF, IN
AWS Global infrastructure elements include : _____, ___ ______, and ___s
Regions, Edge Locations, AZs
AWS Software infrastructure includes: all ______ services like RDS, S3, ECS, Lambda, patching of the ____ OS (firmware updates, etc.), and data access ______.
managed, host, endpoints
YOU are responsible for ___ the services are implemented and managing your _______ _____
HOW, APPLICATION DATA
you are responsible for the _____ OS, which includes updates and security patches
Guest,
You are responsible for your application code and ______ _______. You should frequently scan for and patch vulnerabilities in your code.
Installed Software:
You are responsible for ______ traffic protection, which includes security group ______ configuration.
network, firewall
- Configuration Management:
____ configures infrastructure devices,
____ configure databases and applications
AWS, You
______ ______ (pilar) Focuses on creating applications that effectively support production workloads.
- Operational Excellence:
________ Focuses on putting mechanisms in place that help protect your systems and data. Recommends using ______ , ______ and assigning only the _____ ______
- Security:, automation, encryption, least privileges
_______ Focuses on designing systems that work consistently and recover quickly
- Reliability:
______ ______ (pilar) Focuses on the effective use of computing resources to meet system and business requirements. Use _______ architectures first - leverage AWS services whenever possible, they are optimized for the cloud
- Performance Efficiency, serverless
_____ ______ (pilar) Focuses on delivering optimum and resilient solutions at the least cost to the user
- utilize ______-_______ pricing (whenever possible)
- Cost Optimization, consumption-based
_________ Focuses on environmental impacts, especially energy consumption and efficiency
- Sustainability
Use Cases - the 6 Pillars in the Real World:
____________
- you can use CloudTrail to log all of the actions in your AWS account
- Security
- you can use CloudTrail to log all of the actions in your AWS account
Use Cases - the 6 Pillars in the Real World:
_________ _________
- you can use AWS ____ _____ for version control to enable tracking of code changes and to version-control ____________ templates, which define your infrastructure as code
- Operational Excellence, Code Commit, CloudFormation
Use Cases - the 6 Pillars in the Real World:
___________
- you can use ____ for databases for reliability, and multi-AZ deployments for enhanced availability. If one AZ fails, a backup ____ instance that can absorb the database traffic
- Reliability, RDS, RDS
Use Cases - the 6 Pillars in the Real World:
________ -________
- you can use AWS _______ to run code on demand (in response to events) with reduced administration
- Performance Efficiency, Lambda
Use Cases - the 6 Pillars in the Real World:
______ __________
- you can use S3 _______-_______, which automatically moves your data between access tiers based on your usage patterns
- Cost Optimization, Intelligent-Tiering
Use Cases - the 6 Pillars in the Real World:
____________
- you can use EC2 ____ ______ to ensure you are maximizing utilizaion (and scale in, when demand is low)
- Sustainability, Auto Scaling
________ defines WHO can access your resources
- root user, individual users, groups, roles
- Identities
