AWS Security Speciality

aws-security-specialty-preparation-notes.md

AWS Security Speciality certification preparation notes

Services to study

AWS Trusted Advisor

• Inspects our AWS environments and makes recommendations where it deems necessary.
• Works at an account level and makes recommendations based on your entire account. Categories: cost, optimization, performance, security, service limits, and fault tolerance.

AWS Guard Duty

• Threat detection system. It doesn't prevent, only detects.
• Continious security monitoring service that process data from multiple data sources, like Amazon CloudTrail and DNS logs.
• It uses threat intelligence feeds and machine learning to identify and alert on potential malicious and unwanted action patterns.

AWS Inspector

• Automatically assess our apps for exposures, vulnerabilities, amd best-practice compliance.
• It generates findings; findings are detailed reports produced and reported via lists. They are prioritised via security levels. You can suppress findings via suppressions rules.