Summary This chapter has covered quite a lot of ground in terms of designing secure solutions on AWS. You learned how to leverage IAM and identity federation in your solution to provide granular access control. You then looked at the best practices to protect your infrastructure resources—using tools such as AWS WAF, AWS Shield, and […]

Exam Readiness Drill – Chapter Review Questions Apart from a solid understanding of key concepts, being able to think quickly under time pressure is a skill that will help you ace your certification exam. That is why working on these skills early on in your learning journey is key. Chapter review questions are designed to […]

Glacier Glacier is the archiving tier of S3 in AWS; however, you can use Glacier directly through the API as well. Many different backup tools allow you to store data onto Glacier directly. When using Glacier, be mindful of the RTO because the retrieval times in Glacier fall into three categories: Expedited retrieval: Retrieval of […]

Enabling Amazon GuardDuty Amazon GuardDuty is a regional service. You must first select the region where you will enable the service; once that is done, it is effortless to enable it. Just complete the following steps: After enabling GuardDuty, you will be brought to the main GuardDuty page (that is, the Findings page) by default. […]

THE AWS CERTIFIED ADVANCED NETWORKING – SPECIALTY EXAM OBJECTIVES COVERED IN THIS CHAPTER MAY INCLUDE, BUT ARE NOT LIMITED TO, THE FOLLOWING: Objective 1.3: Design solutions that integrate load balancing to meet high availability, scalability, and security requirements. Elastic Load Balancing In Chapter 1, “Edge Networking,” you learned that the Elastic Load Balancer (ELB) is […]

Responding to Incidents Detecting incidents is one thing, but being able to respond to them in a timely manner is even more important. Assume that you have put in place the necessary mechanisms to detect and prioritize incidents. What is next? Next, you want the ability to remediate these incidents. There can be, however, several […]

Important note You should be aware that there are many alternatives to co-occurrence matrices with a fixed context window, such as using TD-IDF vectorization or even simpler counters of words per document. The most important message here is that, somehow, you must come up with a numerical representation for each word. The last step is […]

S3 Sync S3 sync is an AWS CLI feature that can be a great option when you simply want to copy a large number of files from your production server to AWS. S3 sync creates a synchronization list of files on the local directory with an S3 bucket. The synchronization can also be done in […]

How GuardDuty Works After enabling the GuardDuty service, data is collected from the aforementioned three sources and begins to be analyzed. The service can analyze tens of billions of events from multiple data sources, which are vetted for threat intelligence; it looks for abnormal activity on your account in this manner. If GuardDuty notices anomalous […]

Review Questions The following questions are designed to test your understanding of this chapter’s material. For more information on how to obtain additional questions, please see this book’s introduction.