AWS Certified Security – Specialty Set 6

Welcome to AWS Certified Security - Specialty Set6.

Please enter your email details to get QUIZ Details on your email id.

Click on Next Button to proceed.

Email
1. What is PII?
2. Your CEO asks you to provide documentary evidence to demonstrate that the AWS services you are using are PCI-DSS compliant. What do you suggest?
3. You would like to enable your users to access the AWS console and APIs using their on premises Active Directory credentials. Which of the following are valid configuration steps? (Choose 3)
4. Which of the following tools use machine learning to protect your data and resources in AWS? (Choose 2)
5. Your Chief Security Officer has asked you to monitor network requests and API calls coming from a set of malicious IP addresses. She would also like to receive a notification any time such activity is detected and create an automated work flow to quarantine any EC2 instances which is compromised. Which services would you recommend?
6. Your Chief Security Officer has asked you to recommend tools which can perform Network Packet Inspection and IDS, what do you suggest?
7. Your Chief Security Officer has asked you to monitor network requests and API calls coming from a set of malicious IP addresses. She would also like to receive a notification any time such activity is detected and create an automated work flow to quarantine any EC2 instances which is compromised. Which services would you recommend?
8. Which STS API call is used when a Active Directory federated user successfully accesses your AWS resources?
9. You are planning to store the database credentials for your RDS PostgreSQL in Secrets Manager and would like to enable automatic rotation, how soon after enabling automatic rotation will the credential first be rotated?
10. You would like to securely store RDS database credentials so that they are encrypted in transit and at rest and automatically rotated on a regular basis. Which tool should you use?
11. You would like to identify which of your files stored in S3 contain sensitive personal data like drivers licence numbers and social security numbers. Which AWS service will you use?
12. You would like run SQL queries on your CloudTrail logs, which of the following services can you use to achieve this?
13. Which of the following network ports can be used to connect to the SES SMTP endpoint?


Leave a Reply

Your email address will not be published. Required fields are marked *