Identify Components and Resources for Security

Source: Dev.to

🛡️Exam Guide: Cloud Practitioner Domain 2: Security & Compliance

📘Task Statement 2.4

## 🎯What Is This Task Testing?

You need to recognize:

- Core AWS security capabilities (network controls, threat detection, DDoS protection, web protection)
- Where to find AWS security documentation and guidance
- That third-party security tools exist via AWS Marketplace
- Which AWS services can help identify security issues (for example, Trusted Advisor)

## 1) 🔐 AWS Security Features and Services to Know

“Which service/control should you use?” Know the purpose of each.

## Security Groups (SGs)

- A virtual firewall for resources such as Amazon EC2.
- Control inbound and outbound traffic.
- Generally stateful (return traffic is automatically allowed).

Use SGs when: you need instance/resource-level traffic control (ports, protocols, source/destination).

## Network ACLs (NACLs)

- A firewall at the subnet level in a VPC.
- Control inbound and outbound rules for subnets.
- Generally stateless (return traffic must be explicitly allowed).

Use NACLs when: you need subnet-wide allow/deny rules, including explicit denies.

## AWS Web Application Firewall (WAF)

- A web application firewall that helps protect web apps from common exploits.
- Filters/monitors HTTP(S) requests (e.g., SQL injection, cross-site scripting).

Use WAF when: you want to block malicious web requests or enforce web rules at the edge/front door.

## AWS Firewall Manager

- A central management service for security rules and policies.
- Helps you configure and manage protections (for example, WAF rules) across multiple accounts and resources, commonly in AWS Organizations environments.

Use Firewall Manager when: you need consistent security policy enforcement at scale across many accounts.

## AWS Shield

- Helps protect against DDoS attacks.
- Commonly positioned for protecting internet-facing applications.

Use Shield when: the scenario mentions DDoS attacks, volumetric attacks, or keeping public endpoints available during attacks.

## Amazon GuardDuty

- A threat detection service that monitors for suspicious activity and unauthorized behavior.
- Uses signals such as account activity and network/DNS patterns to generate findings.

Use GuardDuty when: you need continuous threat detection and alerts for potentially compromised resources or accounts.

## 2) 🧩 Third-Party Security Products

AWS also supports third-party security tooling for needs like:

- SIEM/log analytics
- endpoint protection
- vulnerability scanning
- network security appliances

## AWS Marketplace

AWS Marketplace is where you can find and deploy third-party security products that integrate with AWS.

“Where can you obtain third-party security solutions for AWS?” → AWS Marketplace.

## 3) 📚 Where to Find AWS Security Information

Know where AWS publishes official guidance, updates, and troubleshooting:

- AWS Security Center: centralized security guidance and best practices.
- AWS Security Blog: announcements and deep dives on AWS security topics.
- AWS Knowledge Center: how-to articles and troubleshooting steps.

Exam-style cues:

- “official guidance/best practices” → Security Center
- “latest updates and detailed posts” → Security Blog
- “how do I fix/configure X?” → Knowledge Center

## 4) Using AWS Services to Identify Security Issues 🔎

## AWS Trusted Advisor

Trusted Advisor scans your environment and provides best-practice recommendations across multiple categories, including Security.

Use Trusted Advisor when: you want recommendations that flag common security risks and misconfigurations (along with other best-practice areas).

## ✅ Quick Exam-Style Summary

- Security groups: instance-level firewall (stateful).
- NACLs: subnet-level firewall (stateless).
- AWS WAF: web request filtering/protection.
- AWS Firewall Manager: centralized policy management across accounts/resources.
- AWS Shield: DDoS protection.
- Amazon GuardDuty: threat detection findings.
- AWS Marketplace: third-party security products.
- Security info sources: AWS Security Center, AWS Security Blog, AWS Knowledge Center.
- AWS Trusted Advisor: identifies security issues via best-practice checks.

## Additional Resources

- Understand AWS Cloud Security, Governance, and Compliance Concepts
- Introduction to AWS Security
- Security and compliance
- AWS Cloud Security
- Cloud security software
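
The stateful/stateless difference between security groups and NACLs noted above is the point most often misconfigured in practice. The following toy model is an added example, not part of the original post and not AWS code: it ignores source addresses, and the `Rule` class, function names, rule numbers and ephemeral port range are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    number: int      # NACL rule number, lowest evaluated first (ignored for SGs)
    direction: str   # "in" or "out"
    action: str      # "allow" or "deny" (security group rules are allow-only)
    port_lo: int
    port_hi: int

def _match(rule, direction, port):
    return rule.direction == direction and rule.port_lo <= port <= rule.port_hi

def nacl_permits(rules, direction, port):
    """Stateless: first matching rule by number wins; no match is an implicit deny."""
    for rule in sorted(rules, key=lambda r: r.number):
        if _match(rule, direction, port):
            return rule.action == "allow"
    return False

def sg_permits(rules, direction, port, is_reply=False):
    """Stateful: a reply to an allowed flow passes without needing its own rule."""
    if is_reply:
        return True
    return any(_match(r, direction, port) for r in rules if r.action == "allow")

def https_round_trip(sg_rules, nacl_rules, client_port=50000):
    """Inbound request to 443, then the reply to the client's ephemeral port."""
    if not (nacl_permits(nacl_rules, "in", 443) and sg_permits(sg_rules, "in", 443)):
        return "request blocked"
    reply_ok = (sg_permits(sg_rules, "out", client_port, is_reply=True)
                and nacl_permits(nacl_rules, "out", client_port))
    return "ok" if reply_ok else "reply blocked"

# Constructed sample rule sets
SG = [Rule(0, "in", "allow", 443, 443)]                    # no outbound rule at all
NACL_IN_ONLY = [Rule(100, "in", "allow", 443, 443)]        # forgets return traffic
NACL_FIXED = NACL_IN_ONLY + [Rule(100, "out", "allow", 1024, 65535)]
NACL_DENY_FIRST = [Rule(90, "in", "deny", 443, 443)] + NACL_FIXED  # explicit deny wins

if __name__ == "__main__":
    for name, nacl in [("inbound rule only", NACL_IN_ONLY),
                       ("with return rule", NACL_FIXED),
                       ("explicit deny first", NACL_DENY_FIRST)]:
        print(f"{name}: {https_round_trip(SG, nacl)}")
```

The security group never needs an outbound rule for the reply, while the NACL drops it until the ephemeral-port rule is added; the lower-numbered deny shows why NACLs are the control to reach for when a scenario calls for an explicit block.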