AWS Associate Solutions Architect 2022: Design Secure Architectures (Intermediate Level)

Topics covered

• Add users and groups to AWS Managed Active Directory (AD)
• Centrally manage patches, images, and software inventory using AWS Systems Manager
• Configure a network ACL
• Configure a security group
• Configure encryption key lifecycle settings
• Configure the AWS user password policy
• Enable Amazon GuardDuty threat detection and examine sample findings
• Identify common threats such as distributed denial-of-service (DDoS) and injection attacks
• Identify the six pillars of a well-architected framework
• Locate documentation verifying AWS compliance with various standards
• Manage AWS Organizations
• Manage IAM users
• Outline how cryptography serves to protect AWS services and data
• Outline the use of AWS data centers, regions, and availability zones
• Recall how a web application firewall can help mitigate common web application attacks
• Recognize how AWS can use single sign-on (SSO), centralized federated authentication, and the AWS Security Token Service
• recognize when to use Lambda, Amazon Cognito, API Gateway, Simple Queue Service (SQS), and distributed computing
• Recognize where IT service and data responsibility lies for specific AWS services
• Use the console to create an AWS Key Management Service (KMS) key
• Use the Secrets Manager console to examine how app code can retrieve centrally stored secrets