Security Flashcards

(14 cards)

1
Q

AWS Systems Manager Parameter Store

A
  • Secure storage for configuration data management and secrets management
  • Store passwords, DB strings, license code as parameter values
  • Plain text or encrypted data
  • More cost-effective than AWS Secrets Manager
2
Q

AWS CloudHSM

A
  • Allows users to generate and use their own encryption keys on AWS cloud
  • Dedicated HSM instances for key generation, storage and management
  • FIPS compliant (high security standard)
3
Q

IAM Execution Role

A
  • Role that an AWS service assumes to perform actions on your behalf
  • The role is used to grant permissions to AWS services so they can interact with other AWS resources securely and efficiently
4
Q

Transparent Data Encryption

A

Automatically encrypts data before it is written to storage, and automatically decrypts data when it is read from storage

5
Q

AWS Secrets Manager

A
  • Stores secrets, encrypted at rest
  • Automatic rotation of secrets according to a schedule that you define
6
Q

AWS Certificate Manager

A
  • Used to provision, manage, and deploy server certificates
  • NOTE: not supported in all regions
7
Q

IAM Certificate store

A
  • Only use when ACM is not supported in the region
  • Cannot upload an ACM certificate to IAM
  • Encrypted cert is stored in IAM SSL certificate storage; can support deploying server certs in all regions
8
Q

API Gateway Lambda Authorizer

A
  • API Gateway feature that uses a Lambda function to control access to your API
  • When a client makes a request to one of your API’s methods, API Gateway calls your Lambda authorizer, which takes the caller’s identity as input and returns an IAM policy as output
9
Q

Token based Lambda authorizer

A

A token-based Lambda authorizer (also called a TOKEN authorizer) receives the caller’s identity in a bearer token, such as a JSON Web Token (JWT) or an OAuth token.

10
Q

Request parameter-based Lambda authorizer

A

A request parameter-based Lambda authorizer (also called a REQUEST authorizer) receives the caller’s identity in a combination of headers, query string parameters, stageVariables, and $context variables.

11
Q

AWS Security Token Service (STS)

A
  • AWS facility for requesting temporary user credentials with limited privileges
  • It allows you to acquire short-term access to privileged roles in a controlled manner
12
Q

What header is used for Amazon S3-Managed Encryption keys (SSE-S3)?

A

x-amz-server-side-encryption

13
Q

What headers are used for SSE-C?

A

x-amz-server-side-encryption-customer-algorithm

x-amz-server-side-encryption-customer-key

x-amz-server-side-encryption-customer-key-MD5

14
Q
A