Module 4 - Section 6

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/12

flashcard set

Earn XP

Description and Tags

Working to ensure compliance

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

13 Terms

1
New cards

ISO/IEC 27001:2013

As an example of a certification for which you can use AWS services to meet your compliance goals, consider the ___ certification. It specifies the requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System

2
New cards

ISO/IEC 27001:2013

The basis of this certification is the development and implementation of a rigorous security program, which includes the development and implementation of an Information Security Management System. The Information Security Management System defines how AWS perpetually manages security in a holistic, comprehensive manner.

3
New cards

  • Health Insurance Portability and Accountability Act (HIPAA)

  • the European Union (EU) General Data Protection Regulation (GDPR)

AWS also provides security features and legal agreements that are designed to help support customers with common regulations and laws. Examples include:

4
New cards

General Data Protection Regulation (GDPR)

the European Union (EU) ___ protects European Union data subjects' fundamental right to privacy and the protection of personal data. It introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance

5
New cards

AWS Config

a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. This continuously monitors and records your AWS resource configurations, and it enables you to automate the evaluation of recorded configurations against desired configurations.

6
New cards

AWS Config

With ___, you can review changes in configurations and relationships between AWS resources, review detailed resource configuration histories, and determine your overall compliance against the configurations that are specified in your internal guidelines. This enables you to simplify compliance auditing, security analysis, change management, and operational troubleshooting.

7
New cards

recorded configurations, desired configurations

AWS Config automatically evaluate ___ versus ___

8
New cards

Regional

AWS Config is a ___ service

9
New cards

aggregator

AWS Config offers an ___ feature that can show an aggregated view of resources across multiple Regions and even multiple accounts.

10
New cards

AWS Artifact

provides on-demand downloads of AWS security and compliance documents, such as AWS ISO certifications, Payment Card Industry (PCI), and Service Organization Control (SOC) reports.

11
New cards

security and compliance documents (also known as audit artifacts)

You can submit the___ to your auditors or regulators to demonstrate the security and compliance of the AWS infrastructure and services that you use.

12
New cards

the Business Associate Agreement (BAA)

A ___ typically is required for companies that are subject to HIPAA to ensure that protected health information (PHI) is appropriately safeguarded

13
New cards

AWS Management Console

You can access AWS Artifact directly from the ___