Questions about the category: Security and compliance in the AWS cloud

A global media company uses AWS Organizations to manage multiple AWS accounts.

A company wants to limit its employees' AWS access to a portfolio of predefined AWS resources.

Which tasks are the responsibility of AWS, according to the AWS shared responsibility model? (Choose two)

Which documentation does AWS Artifact provide?

Which task requires using AWS account root user credentials?

According to the AWS shared responsibility model, what responsibility does a customer have when using Amazon RDS to host a database?

A user needs to determine whether an Amazon EC2 instance's security groups were modified in the last month.

Which AWS service will help protect applications running on AWS from DDoS attacks?

Which AWS service or feature acts as a firewall for Amazon EC2 instances?

A company recently deployed an Amazon RDS instance in its VPC. The company needs to implement a stateful firewall to limit traffic to the private corporate network.

Which AWS service uses machine learning to help discover, monitor, and protect sensitive data that is stored in Amazon S3 buckets?

Which IT controls do AWS and the customer share, according to the AWS shared responsibility model?

A company wants to implement threat detection on its AWS infrastructure. However, the company does not want to deploy additional software.

Which AWS service or feature checks access policies and offers actionable recommendations to help users set secure and functional policies?

Service control policies (SCPs) manage permissions for which of the following?

A user is storing objects in Amazon S3. The user needs to restrict access to the objects to meet compliance obligations.

Which AWS service or tool can be used to capture information about inbound and outbound traffic in an Amazon VPC?

In which situations should a company create an IAM user instead of an IAM role?

Which of the following acts as an instance-level firewall to control inbound and outbound access?

Which AWS service allows users to download security and compliance reports about the AWS infrastructure on demand?

A company needs to identify the last time that a specific user accessed the AWS Management Console.

A retail company has recently migrated its website to AWS. The company wants to ensure that it is protected from SQL injection attacks. The website uses an
Application Load Balancer to distribute traffic to multiple Amazon EC2 instances.

Which AWS service provides a feature that can be used to proactively monitor and plan for the service quotas of AWS resources?

Which of the following is the customer responsible for updating and patching, according to the AWS shared responsibility model?

Who has the responsibility to patch the host operating system of an Amazon EC2 instance, according to the AWS shared responsibility model?

A company is using an Amazon RDS DB instance for an application that is deployed in the AWS Cloud. The company needs regular patching of the operating system of the server where the DB instance runs.