Bash, the Crucial Exams Chat Bot
AI Bot
AWS Security and Compliance for DevOps Flashcards
AWS DevOps Engineer Professional DOP-C02 Flashcards
| Front | Back |
| How can Amazon Macie contribute to security compliance | By discovering, classifying, and protecting sensitive data such as Personally Identifiable Information (PII) |
| How can AWS Inspector assist with application security | By automatically assessing vulnerabilities and compliance in applications running on AWS resources |
| How can AWS Key Management Service (KMS) enhance data security | By managing encryption keys used to secure data within your AWS environment |
| How can encryption protect data at rest in AWS | By encoding data so unauthorized users cannot access it without the encryption key |
| How can resource policies enhance security in AWS | By defining conditions under which a resource can be accessed |
| How can security groups improve instance-level security | By allowing you to define inbound and outbound traffic rules for EC2 instances |
| How can Systems Manager Parameter Store improve secrets management | By securely storing configuration data and sensitive information |
| How can tags be utilized for compliance in AWS resources | By labeling resources for easier auditing and management |
| How does AWS Shield protect against DDoS attacks | By providing managed protection against volumetric and application-layer attacks |
| How does AWS Trusted Advisor help improve security in your AWS account | By providing security recommendations on best practices and identifying potential vulnerabilities |
| How does AWS WAF increase application security | By letting you create rules to block or allow unexpected traffic patterns |
| How does Multi-Factor Authentication (MFA) add security to AWS accounts | By requiring a password and a secondary form of verification to access accounts |
| What AWS feature allows restricting access to resources based on the originating IP address | Network Access Control Lists (NACLs) |
| What AWS service helps developers find application code vulnerabilities | Amazon CodeGuru |
| What AWS service provides centralized secrets management for applications | AWS Secrets Manager |
| What AWS tool helps enforce compliance through automated security checks | AWS Security Hub |
| What is AWS Organizations' role in managing compliance | By centralizing governance and management across multiple AWS accounts |
| What is the benefit of automating security in DevOps workflows | By consistently applying security measures across development, testing, and deployment stages |
| What is the benefit of enabling AWS GuardDuty | To detect and protect against unauthorized and malicious activity such as account compromise |
| What is the importance of logging in AWS security workflows | To provide visibility into events and activities for analysis and troubleshooting |
| What is the principle of least privilege in IAM | Granting users and services only the permissions they need to perform their tasks |
| What is the purpose of IAM roles in AWS workflows | To grant permissions to trusted entities like services or applications for secure resource access |
| What is the purpose of using VPC endpoints in AWS security | To securely connect to AWS services without exposing traffic to the internet |
| What is the role of AWS Config in maintaining compliance | To track resource configurations and evaluate them against compliance rules |
| What is the Shared Responsibility Model in AWS | A framework dividing security responsibilities between AWS and the customer |
| What is the significance of using S3 Bucket Policies | To customize access permissions for data stored in specific S3 buckets |
| Which AWS service allows secure storage and retrieval of encryption keys in FIPS 140-2 validated hardware | AWS CloudHSM |
| Which AWS service enables you to monitor API calls and account activity for security auditing purposes | AWS CloudTrail |
| Why is it essential to perform routine audits of IAM policies and roles | To identify overly permissive permissions and improve security posture |
| Why is rotating IAM access keys an essential security practice | To reduce the risk of unauthorized access in case keys become compromised |
This deck explores IAM roles, encryption, secrets management, and compliance requirements, ensuring security adherence in DevOps workflows.