AWS Security & Compliance Essentials Flashcards
AWS Cloud Practitioner CLF-C02 Flashcards
| Front | Back |
| AWS Artifact | Portal for on demand access to AWS compliance and security reports |
| AWS CloudTrail | Enable governance compliance and risk auditing by logging AWS API calls |
| AWS Config | Service for assessing auditing and evaluating resource configurations |
| AWS GuardDuty | Continuous threat detection service using machine learning to analyze logs |
| AWS identity federation | Use SAML or OIDC to integrate external identity providers |
| AWS KMS purpose | Managed service for creating controlling and using encryption keys |
| AWS Security Hub | Centralized dashboard for security alerts and compliance status |
| AWS shared responsibility model | Defines AWS security of the cloud and customer responsibility for security in the cloud |
| AWS Shield | Managed DDoS protection service for applications |
| AWS WAF | Web application firewall to protect HTTP endpoints |
| Customer managed CMK vs AWS managed CMK | Customer keys offer more control and allow key rotation |
| Envelope encryption | Encrypt data with a data key that is itself encrypted by a master key |
| IAM least privilege principle | Grant only the permissions necessary to perform a task |
| IAM multi factor authentication | MFA adds a second authentication factor to secure user access |
| VPC Flow Logs | Capture IP traffic metadata for monitoring and troubleshooting |
About the Flashcards
Flashcards for the AWS Cloud Practitioner exam provide a concise way to review essential AWS security terminology, concepts, and service purposes. Cards cover the shared responsibility model, IAM fundamentals like least privilege, MFA, and identity federation, plus encryption topics such as AWS KMS, envelope encryption, and differences between customer-managed and AWS-managed CMKs.
They also reinforce logging, monitoring, threat detection, and compliance tools including AWS CloudTrail, AWS Config, VPC Flow Logs, GuardDuty, Security Hub, and AWS Artifact, along with perimeter protections like AWS Shield and WAF. Designed for quick recall and targeted review, this deck emphasizes definitions and key ideas you'll need to recognize on the exam.
Topics covered in this flashcard deck:
- Shared responsibility model
- Identity and access management
- Encryption and key management
- Logging and monitoring
- Threat detection and protection
- Compliance and governance