Bash, the Crucial Exams Chat Bot
AI Bot
AWS Security & Compliance Essentials Flashcards
| Front | Back |
| AWS Artifact | Portal for on demand access to AWS compliance and security reports |
| AWS CloudTrail | Enable governance compliance and risk auditing by logging AWS API calls |
| AWS Config | Service for assessing auditing and evaluating resource configurations |
| AWS GuardDuty | Continuous threat detection service using machine learning to analyze logs |
| AWS identity federation | Use SAML or OIDC to integrate external identity providers |
| AWS KMS purpose | Managed service for creating controlling and using encryption keys |
| AWS Security Hub | Centralized dashboard for security alerts and compliance status |
| AWS shared responsibility model | Defines AWS security of the cloud and customer responsibility for security in the cloud |
| AWS Shield | Managed DDoS protection service for applications |
| AWS WAF | Web application firewall to protect HTTP endpoints |
| Customer managed CMK vs AWS managed CMK | Customer keys offer more control and allow key rotation |
| Envelope encryption | Encrypt data with a data key that is itself encrypted by a master key |
| IAM least privilege principle | Grant only the permissions necessary to perform a task |
| IAM multi factor authentication | MFA adds a second authentication factor to secure user access |
| VPC Flow Logs | Capture IP traffic metadata for monitoring and troubleshooting |
Front
AWS Config
Click the card to flip
Back
Service for assessing auditing and evaluating resource configurations
Front
IAM multi factor authentication
Back
MFA adds a second authentication factor to secure user access
Front
AWS CloudTrail
Back
Enable governance compliance and risk auditing by logging AWS API calls
Front
AWS Artifact
Back
Portal for on demand access to AWS compliance and security reports
Front
AWS KMS purpose
Back
Managed service for creating controlling and using encryption keys
Front
Customer managed CMK vs AWS managed CMK
Back
Customer keys offer more control and allow key rotation
Front
VPC Flow Logs
Back
Capture IP traffic metadata for monitoring and troubleshooting
Front
Envelope encryption
Back
Encrypt data with a data key that is itself encrypted by a master key
Front
AWS identity federation
Back
Use SAML or OIDC to integrate external identity providers
Front
AWS Security Hub
Back
Centralized dashboard for security alerts and compliance status
Front
AWS WAF
Back
Web application firewall to protect HTTP endpoints
Front
AWS shared responsibility model
Back
Defines AWS security of the cloud and customer responsibility for security in the cloud
Front
AWS Shield
Back
Managed DDoS protection service for applications
Front
AWS GuardDuty
Back
Continuous threat detection service using machine learning to analyze logs
Front
IAM least privilege principle
Back
Grant only the permissions necessary to perform a task
1/15
This deck covers core aspects of AWS security, compliance frameworks, data encryption, and identity best practices, helping you understand governance in the AWS environment.