DEV Community

Alec Dutcher
Alec Dutcher

Posted on • Edited on

Section 2.4 - AWS Certified Cloud Practitioner Study Guide

This series is intended to be a personal study guide. Information may not be comprehensive or accurate. I am sharing it in case others find it useful. Please feel free to comment if any information is inaccurate.

Return to Exam Guide

2.4 Identify resources for security support

Recognize there are different network security capabilities

  • Native AWS services (for example, security groups, Network ACLs, AWS WAF)
    • Security groups - virtual firewall for a VPC instance (instance level, not subnet)
    • Network ACLs - Access Control List, firewall for one or more subnets
    • WAF - Web Application Firewall, monitor HTTP(S) requests and control access to content to protect against web attacks, cross-site scripting, and SQL injection
  • 3rd party security products from the AWS Marketplace

Recognize there is documentation and where to find it (for example, best practices, whitepapers, official documents)

Know that security checks are a component of AWS Trusted Advisor

  • AWS Trusted Advisor
  • Checks against account to identify ways to optimize
  • Security checks are available to Basic, Developer, Business, and Enterprise Support customers

Return to Exam Guide

Top comments (0)