AWS Certified Security – Specialty Set3

Welcome to AWS Certified Security - Specialty Set3.


Which of the following services integrates with CloudTrail to send a notification to users that a log file has been created?

2. Which of the following services can you use to view your asset inventory, check the configuration history for any given time and perform automated compliance checking?
3. How can you make sure that your CloudTrail log files have not been modified, deleted, or changed?
4. You would like you be notified if any of the systems administrators in your organization creates a security group with SSH open to the world, which service allows you to easily do this?
5. Which of the following statements is NOT correct in relation to CloudTrail?
6. You are looking for a security assessment tool to help improve the security and compliance in your environment by assessing your applications to check if they conform to best practices, which of the following should you use?
7. There are 3 key components to CloudWatch - CloudWatch monitoring, CloudWatch Logs and CloudWatch Events. What do these 3 different features of CloudWatch provide?
8. Which tool can you use to run a security check on your EC2 instances to check for common vulnerabilities and exposures?
9. You are looking for a tool which will assess your environment and provide Best Practice recommendations on each of the following areas: Cost Optimization, Performance, Security, Service Limits and Fault Tolerance. Which of the following should you use?
10. Which of the following tasks can you accomplish using CloudWatch? (Choose 3)
11. How can you protect your CloudTrail logs from unauthorized access? (Choose 3)
12. Which Amazon Inspector rules package would you use to check for instances which enable root login over SSH? (Choose 2)


Leave a Reply

Your email address will not be published. Required fields are marked *