This class was created by Brainscape user Rich Alberth. Visit their profile to learn more about the creator.
By:
Rich Alberth
- decks
- flashcards
- learners
Decks in this class (83)
AUP
Why can t you use aws to store mu...,
Why can t you use aws to advertis...,
Why can t you host trump s truth ...
11
cards
Bastions
Where do bastion hosts live 1,
What is required inside a bastion...,
What is required outside a bastio...
4
cards
DDoS
3 types of ddos attacks 1,
How do you combat ddos attacks 2,
What do you generally need to lau...
19
cards
DNSSEC
Value prop for dnssec 1,
Why would a layman care about dns...,
Basically how does it work 3
20
cards
OSI
What layer is nat 1,
What layer is pat 2,
What is static nat 3
3
cards
EventBridge
Moving parts of eventbridge 1,
Are cwe real time 2,
What is the venn diagram of cloud...
13
cards
SNS
5 examples of subscribers 1,
What is the keyword for this type...,
Can a publisher get delivery stat...
9
cards
EC2_3
Ip address for instance metadata ...,
Cool use of meta data instance am...,
What is user data when is it used 3
3
cards
EC2_4
What s the url for instance metad...,
Encryption and authz authn for in...,
How do you restrict access to the...
3
cards
Lambda 1
Two types of roles for a lambda f...,
What are resource policies for la...,
Diagnosing function problem nothi...
3
cards
RDS 3
Is traffic encrypted in transit t...,
Can you make encryption in transi...,
How does rds encrypt data at rest 3
8
cards
CloudFormation 1
What are nested stacks 1,
What about resourcees in a stack ...,
Max number of resources in a sing...
32
cards
CloudFormation 2
What is cfn deletionpolicy 1,
What are the three values for del...,
If you mark a resource with retai...
23
cards
Logs 1
What can you do to keep high reso...,
How can you create cloudwatch met...,
What feature allows you to create...
10
cards
Logs 2
What is a subscription filter 1,
Can you subscribe a destination t...,
Is delivery to kinesis real time 3
8
cards
Metrics 1
What s the most overlooked extra ...,
How far back is data maintained 2,
Time resolution for cloudwatch me...
5
cards
Metrics 2
Can cloudwatch metrics work acros...,
Two kinds of cloudwatch alarms 2,
How do metric alarms work 3
5
cards
Control Tower 1
Control tower basic value prop 1,
Four basic parts of control tower...,
Why have multiple accounts 3
32
cards
Control Tower 2
What does control tower do with v...,
What s in the control tower vpc 2,
Control tower and regions 3
30
cards
Control Tower 3
What is baselining 1,
What is an account baseline 2,
At it s core what is a blueprint 3
26
cards
Organizations
Best practice for security in orgs 1,
So what s the ou at the top of th...,
Best practice what should you cre...
19
cards
IPv6
How do vpcs handle ipv6 routing w...,
How do you dual stack a nat gatew...,
So how do you hide ipv6 subnets i...
4
cards
NAT Gateway
Nat instance or nat gateway 1,
Why never use nat instances 2,
How do you control what traffic c...
24
cards
Network Firewall
Tl dr for network firewall 1,
Does a nf protect incoming or out...,
Is nf simple filtering or deep pa...
26
cards
PrivateLink 1
Are client interface endpoints re...,
How do clients control access to ...,
What are interface endpoints in a...
11
cards
PrivateLink 2
What is a gateway endpoint 1,
What happens when you create a gw...,
Which services support both inter...
17
cards
Route53 1
How do you set up the dnssec keys...,
What s the big limitation caveat ...,
How do you create the zsk in kms 3
10
cards
Route53 3
What ip addresses are reserved fo...,
What is the thing running on 2 ca...,
Can you access a route53 resolver...
21
cards
Routing
What does the vpc router route tr...,
Why doesn t the vpc router handle...,
Where in the vpc s network space ...
10
cards
VPC 1
What s the major limitation of sgs 1,
What do you attach security group...,
Can hosts in a sg talk to each ot...
11
cards
VPC 2
How does dhcp start out for new h...,
8 things dhcp gives a new host 2,
What is amazonproivideddns under ...
12
cards
VPC 3
What are nacls associated with 1,
How do nacls control traffic with...,
How do nacls handle request and r...
33
cards
VPC 4
Two types of igws 1,
Do igws support one way two way i...,
What s an egress only igw used for 3
14
cards
VPC 5
What do vgws connect 1,
What actual thing s are provision...,
How many vpcs can a vgw connect to 3
14
cards
VPN client
Client vpn is what technology 1,
What do you connect to 2,
What are endpoints associated wit...
12
cards
VPN S2S 1
Are vpns ha 1,
Vpns connect what 2,
How long to set up a s2s vpn 3
18
cards
VPN S2S 2
What aws virtual resources does a...,
What actual things are provisione...,
What s connected when you establi...
9
cards
ACM
Can you run a public certificate ...,
Can you run a private certificate...,
Acm do you generate certs yoursel...
12
cards
Detective
What is detective 1,
What types of events is it most c...,
Sources of data 3
13
cards
IAM 1
Root user restrictions 1,
How do you change your account na...,
How do you turn on identitycenter 3
23
cards
IAM 2
When you assume a role what happe...,
What abilities do you inherit fro...,
User john wants to assume role db...
30
cards
IAM 3
What is abac 1,
Why does abac scale so well 2,
Why is abac more flexible than rb...
28
cards
Identity Center 1
What is iam ic all about 1,
How does it simplify managing hum...,
How do i turn on identity center 3
22
cards
Identity Center 2
What is provisioning 1,
So why not just use federation in...,
Two types of provisioning with ex...
22
cards
Identity Center 3
What are app assignments 1,
What apps can use identity center 2,
Examples of aws systems that use ...
17
cards
Identity Federation
Types of federated accesses 1,
Special names for the two acting ...,
Examples of identity provicders 3
28
cards
Policy 1
4 types of iam policies 1,
What can have identity based poli...,
What type of policies use princip...
8
cards
Policy 2
Order of rules for iam overlappin...,
Order of evaluations 7 2,
Number one dumb mistake evaluatin...
26
cards
RAM
One sentence for ram 1,
What is the cost structure for ram 2,
What things can you share resourc...
18
cards
Security Hub
What is security hub 1,
How do you turn it on 2,
I turned on security hub why isn ...
12
cards
Trusted Advisor
What is trusted advisor 1,
What s in the generated report 2,
How do you install the agent 3
27
cards
AWS Security Services
Hook up to oracle to do transpare...,
Most secure way to secure a ca 2,
Service for finding root cause of...
42
cards
CloudHSM
What is the major security limita...,
What is cloudhsm compared to kms 2,
Major warning about cloudhsm use 3
21
cards
KMS 1
Key feature of kms the big thing 1,
What s the technical standard for...,
Why does the l2 in the fips stand...
24
cards
KMS 2
How do you get around the 4 kb li...,
Where do you create a dek 2,
Are deks symmetric or asymmetric 3
24
cards
KMS 3
Is kms regional zonal global or s...,
How would you export a kms key to...,
Can you use a kms key across acco...
27
cards
KMS 4
How do you monitor key usage for ...,
Can you use eventbridge to trigge...,
Can you use eventbridge to trigge...
26
cards
Encryption SDK
What is the encryption sdk encsdk 1,
Value prop of encsdk 2,
What keys does encsdk work with 3
12
cards
Policy 3
What is aws tokenissuetime 1,
What is aws principaltype 2,
What is aws username 3
28
cards
CloudTrail
How do you turn on cloudtrail 1,
How long stored 2,
Where are cloudtrail things stored 3
25
cards
Macie
What is macie 1,
How does it work underlying tech 2,
Two types of identifiers 3
13
cards
DynamoDB 3
How do you encrypt a ddb table at...,
Cost to encrypt your tables 2,
What are the limitations if you u...
7
cards
RDS 3
Is traffic encrypted in transit t...,
Can you make encryption in transi...,
How does rds encrypt data at rest 3
13
cards
Load Balancers 3
Three ways elbs can handle ssl 1,
What is bridging 2,
Bad security part of bridging 3
17
cards
Athena
Cost structure for athena 1,
How do you load data into athena 2,
What s the term for a schema you ...
7
cards
GuardDuty
What is guardduty 1,
What is guardduty looking for 2,
Analogy to help understand guardd...
23
cards
Inspector
What is inspector 1,
What s the mental picture for und...,
How do you use it 3
12
cards
EBS 2
How are volumes encrypted 1,
Low level what s the encryption a...,
What happens when ec2 mounts an e...
12
cards
EBS 3
What happens to the data on your ...,
How does aws prevent your raw dat...,
How can you wipe your data before...
5
cards
S3 1
How do you disable versioning 1,
What is the version key id on an ...,
When is a key id null once a buck...
14
cards
S3 3
What is object lock 1,
How do you apply it to an object 2,
What about old buckets and object...
15
cards
S3 5
What are s3 access points 1,
Why use access points 2,
What s the typical use case for t...
12
cards
S3 6
What are the two types of keys us...,
What is a dek 2,
Informal name for a key encryptio...
26
cards
S3 7
How does sse c work 1,
What is stored with the encrypted...,
What happens if you send the wron...
12
cards
S3 8
Where can s3 events be delivered ...,
What filters can you do on action...,
What do you do if you want s3 eve...
14
cards
APIGW 2
What does a lambda authorizer do ...,
What does api gateway do with the...
2
cards
CloudFront 1
What is restrict viewer access 1,
How does waf integrate with cloud...,
Can cloudfront support ipv6 3
9
cards
CloudFront 3
How does cf handle http and https 1,
How can cf handle only http 2,
How do you enable ssl for cf 3
21
cards
CloudFront 4
What s a private distribution 1,
How do you set certain parts of a...,
Old way to sign things for a priv...
29
cards
Cognito
What do you give and get from a u...,
How does a user pool get access t...,
Where do identities come from for...
18
cards
Shield
Tl dr for shield 1,
Two flavors of shield 2,
Three types of ddos attacks 3
25
cards
WAF
What happens in a layer 4 firewall 1,
What happens in a layer 5 firewall 2,
Why is a layer 5 firewall better ...
8
cards
Secrets Manager
Secrets manager or param store fo...,
Secrets manager or param store fo...,
Secrets manager or param store to...
35
cards
More about
AWS Security
- Class purpose General learning
Learn faster with Brainscape on your web, iPhone, or Android device. Study Rich Alberth's AWS Security flashcards now!
How studying works.
Brainscape's adaptive web mobile flashcards system will drill you on your weaknesses, using a pattern guaranteed to help you learn more in less time.
Add your own flashcards.
Either request "Edit" access from the author, or make a copy of the class to edit as your own. And you can always create a totally new class of your own too!
What's Brainscape anyway?
Brainscape is a digital flashcards platform where you can find, create, share, and study any subject on the planet.
We use an adaptive study algorithm that is proven to help you learn faster and remember longer....
Looking for something else?
AWS SECURITY
- 9 decks
- 282 flashcards
- 17 learners
Decks:
Iam, Logging And Monitoring, Infrastructure Security, And more!
Learn AWS
- 90 decks
- 3770 flashcards
- 811 learners
Decks:
Aws S3, Aws Ec2, Aws Base Knowledge, And more!
