AWS Security – AWS Cloud Practitioner

AWS Security is freedom or resilience against, the potential harm caused by others. All information security measures try to address at least one of three goals:

• Protect the confidentiality of data
• Preserve the integrity of data
• Promote the availability of data for authorized use

These goals form the confidentiality, integrity, availability (CIA) triad, the basis of all security programs.

AWS Security Services

• Identity and Access Management (IAM) – Create users, groups, and roles, and use permissions to allow and deny their access to AWS resources such as EC2, RDS, and VPC. IAM enables you to grant unique credentials to every user within your AWS Account, allowing individual access only to the AWS services and resources required. It is also compatible with Active Directory.
• Virtual Private Clouds (VPCs) – It enables provisioning of compute resources, like EC2 instances and RDS, in isolated virtual networks with total control of inbound and outbound network traffic.
• Security Groups and Network  ACL’s – Enforce firewall rules controlling incoming and outgoing traffic at the instance level. Restrict traffic by protocol type (TCP, UDP, ICMP), IP address, and port.
• Data Encryption – It is made available for EBS, S3, RDS and Glacier service. It encrypts data using AES-256.
• Direct Connect – It establishes a private virtual interface between on-premise network and Amazon VPC.
• AWS Cloud Trail – It gives a log of API calls made against your account resources, include those by the AWS Management Console, SDKs, and command line tools.

Link for free practice test – https://www.testpreptraining.com/aws-certified-cloud-practitioner-free-practice-test