Security and Compliance Questions

Encrypting data at rest and in transit primarily supports which AWS Well-Architected Framework pillar?

What is AWS Key Management Service (AWS KMS) primarily used for?

Which service provides DDoS protection automatically at no additional cost for all AWS customers?

Which service stores and automatically rotates database credentials and API keys securely?

Which security concept means users receive only the permissions needed to perform their job?

Which service manages user identities, permissions, and access to AWS resources?

Which service helps protect a web application from common exploits such as SQL injection and cross-site scripting?

Which tool provides on-demand access to AWS compliance reports and certifications such as PCI DSS and SOC reports?

Which service records AWS API calls for governance, compliance, and auditing?

Which service identifies unusual API activity such as calls from unexpected IP addresses?

Which AWS service provides advanced DDoS protection with always-on detection and access to a 24/7 DDoS Response Team?

Which AWS service provides workforce identity and single sign-on across AWS accounts and business applications?

Which IAM best practice should be applied to grant an application running on EC2 access to Amazon S3?

A team needs to investigate the root cause of a security finding by visualizing related events across CloudTrail, VPC Flow Logs, and GuardDuty finding...

A security analyst needs a single dashboard that aggregates security findings from GuardDuty, Inspector, Macie, and partner products. Which AWS servic...