Access Control & Definitions
A method where access to a website or account is only granted after the user presents two or more factors (password, SMS code, etc.)
Multifactor Authentication? (or two-factor authentication)
A type of malicious software, or malware designed to deny access to a computer system or data until compensation is paid
Ransomware
Identity Management for mobile apps. Which AWS service provides that ?
AWS Cognito
You found 2 issues one you found a security Risk in one of our AWS services and You see suspicious activity in an AWS Account ? What is your responsibility as AWS Employee ?
Open a Ticket with AWS Security
How are AWS security teams notified when an AWS resource is found to be noncompliant?
Both SNS and Configuration Stream
An approach to restrict system access to authorized users by granting it based on business responsibilities
Role-based access control?
An attack that aims to make a service such as a website unusable by flooding it with a large amount of malicious traffic
Denial of service attack (DDoS)
Protect AWS accounts with intelligent threat detection
Amazon GuardDuty
The process of converting plaintext into another format that cannot be decoded without a key
Encryption
AWS Security Best Practices Checklist contains 8 key Items. Name one
1. Create Strong Password Policies
2. Implement Multi-Factor Authentication (MFA)
3. Use Email Aliases
4. Set Up AWS Identity & Access Management (IAM)
5. Perform Regular Data Backups
6. Create a Company Culture of Security
7. Maintain Regulatory Compliance
8. Keep Policies Up to Date
The principle of allowing users as little access to a system as possible for them to complete their tasks
Principle of least privilege
An attack that repeatedly tries possible passwords or encryption keys until the correct one is found
Brute-force attack
Rotate, manage, and retrieve Secrets in a AWS environment
AWS Secrets Manager
Which AWS service help automate security assessment that helps improve the security & Compliance of applications deployed on AWS
Amazon Inspector
This security product capture the inbound and outbound traffic from the network interfaces in your VPC.
Flow logs
Strategic plan with tactical prescriptive guidance that lays out a customers cloud security journey to transform their enterprise.
AWS Security EPICS
Understand and identify potential security misconfigurations, threats, or unexpected behaviors
Threat Detection
No cost, self-service portal for on-demand access to AWS’ compliance reports
AWS Artifact
Which AWS Well Architected Design Principle help Monitor, alert, and audit actions and changes to your environment in real time. Integrate log and metric collection with systems to automatically investigate and take action.
Traceability Enablement
What is the name of the role that notify customers about one or more vulnerabilities
AWS Security Bulletins
Continuously Identify, Classify, remediate, and mitigate security issues is called
Vulnerability Mgmt
Monitor, Evaluate, Manage, and Improve the effectiveness of our security & privacy programs.
Reduce potential harm by effectively respond to security issues (hint 2 security Perspectives)
Security Assurance & Incident Response
Investigate potential security issues which AWS Service provides this ?
Scalable, cost-effective application recovery to AWS. Name the service ?
Amazon Detective & AWS Elastic Disaster Recovery
What Services in Isengard can be made public to show customer information related to a demo or aws service that shows the benefit of using AWS cloud services
None (No Services can be made public in Isengard account)
What is a way of using human-like thought mechanisms and converting them to be used by Artificial Intelligence technologies in security to detect security threats.
Cognitive Cybersecurity