Summary and Quiz

Get a refresher of what you’ve learned about the security and compliance services provided by AWS in this chapter and take a short quiz to validate your knowledge.


In this lesson, we’ll summarize what we’ve learned in this chapter and test our knowledge with a short quiz.

Summary

In this chapter, we learned about security and compliance services offered by AWS. Here’s a brief summary of the services we covered:

  • Shared Responsibility Model: In the AWS Shared Responsibility Model, AWS is responsible for the security “of” the cloud, which includes the infrastructure, hardware, and services. Customers are responsible for security “in” the cloud, covering their data, applications, identity and access management, and configuring services securely. AWS secures the underlying infrastructure, while customers must secure their usage of AWS services.

  • AWS KMS: KMS is used to manage encryption keys in AWS. AWS provides both AWS-managed keys and customer-managed keys.

  • AWS WAF: WAF is a network firewall used to protect our applications from malicious access. We can configure web ACLs to defend our resources against specific types of attacks, including cross-site scripting (XSS), SQL injection, and cross-site request forgery. WAF analyzes each request sent to the application and blocks any request that does not comply with the configured ACL rules.

  • AWS Shield: AWS Shield is a service that protects applications hosted in the AWS cloud from Distributed Denial of Service (DDoS) attacks. It operates on the OSI model’s network, transport, and application layers (3rd, 4th, and 7th layers).

  • Amazon Detective: It helps organizations identify security issues, conduct efficient investigations, and proactively respond to potential threats by continuously analyzing and correlating log data from various AWS services, such as AWS CloudTrail and Amazon VPC Flow Logs. It does not resolve any security issues; rather, it just identifies them and recommends actions that can mitigate them.

  • AWS Directory Service: With AWS Directory Service, organizations can centralize user identities and access management, simplifying authentication and authorization across AWS resources and applications.

  • AWS Secrets Manager: Secrets Manager can store our passwords and credentials. All secrets stored in AWS Secrets Manager are encrypted using AWS Key Management Service (KMS), which provides resilient encryption standards and key management capabilities.

  • Amazon Macie: It helps organizations maintain their data assets’ confidentiality, integrity, and availability in AWS environments. It is a fully managed data security and privacy service that uses machine learning and pattern matching to automatically discover, classify, and protect sensitive data stored in AWS.
