10_AWS Security Services

Flashcards reviewing AWS security services and defense in-depth strategies.

What is a defense in-depth approach in AWS security?

Applying security at all layers and implementing a multi-layered approach to protect systems and data.

What are three key components of a defense in-depth strategy?

Defending borders, adding data protections, and detecting and responding to threats.

What is AWS WAF?

A web application firewall that monitors HTTP and HTTPS requests.

What type of protection does AWS Shield provide?

Protection against distributed denial of service (DDoS) attacks; included with AWS WAF.

What is an example use case for AWS WAF?

Detect and manage malicious attempts to create accounts.

What is Amazon Macie?

A security service that uses machine learning to discover, classify, and protect sensitive data stored in Amazon S3.

What is an example use case for Amazon Macie?

Identifying sensitive data as it's being migrated to Amazon S3 and notifying an administrator.

What is Amazon Inspector?

A vulnerability management service that scans AWS workloads for software vulnerabilities and unintended network exposure.

What resources does Amazon Inspector scan?

EC2 instances, container images, and AWS Lambda functions.

What is an example use case for Amazon Inspector?

Scanning an Amazon EC2 instance with a specific AMI to find vulnerabilities before deployment.

What is Amazon Detective?

Automatically collects log data and generates visualizations for efficient security investigations.

What is an example use case for Amazon Detective?

Triaging a potential issue by finding all activity related to a specific IAM entity.

What is AWS Security Hub?

A service that monitors security through automated, continuous security best practice checks.

What is the key function of AWS Security Hub?

Aggregates security alerts and presents them in a standardized format.

What is an example use case for AWS Security Hub?

Helps prioritize response and remediation efforts by providing aggregated security alerts.

What is AWS Trusted Advisor?

Provides security recommendations as part of its data and helps follow AWS best practices.

If you enable Security Hub for your AWS account, where can you view your security findings?

You can view your security controls and findings in the Trusted Advisor console.