Cram Quiz Answers 1. Answer: B is correct. The region should be changed to a US region. Because all the clients reside in the continental US, replicating to an EU region might breach possible data residency laws and make the application less functional in the case of a disaster, due to the network distance and increased […]

Key Features of GuardDuty As a managed threat detection service, GuardDuty provides the following key features: Now that you have an idea of the key features that GuardDuty offers, the next sections will help you dive deeper into those features. Data Sources for GuardDuty The Amazon GuardDuty service derives most of its information from three […]

In the process of creating your infrastructure and granting user access to your account, you need to be on the lookout for the security of your environment. There’s a good possibility that your environment will be changing constantly. This means that the security status of your environment could change as well, potentially leading to new […]

Exam Essentials Know the Route 53 console areas with a focus on hosted zones and routing records. Understand all of the traffic management options in Route 53 such as latency, multivalue, etc., and how they are used. Understand the concept of DNS zones and what information they contain. Know the difference between public and private […]

Detecting Incidents Even after you have put all the necessary measures in place to protect your infrastructure and your data, you are only halfway through ensuring security. Despite all the protections implemented, some incidents can still occur. It can be any type of incident—a security breach, a data leak, a system misconfiguration, a configuration change, […]

Word embedding Unlike traditional approaches, such as BoW and TD-IDF, modern methods of text representation will take care of the context of the information, as well as the presence or frequency of words. One very popular and powerful approach that follows this concept is known as word embedding. Word embeddings create a dense vector of […]

Multisite Active-Active Last but not least is the multisite active-active approach. In this scenario, there is more than one production site in more than one region. All of the production sites are able to receive traffic and respond to requests at any time and can be balanced to ensure that the application never experiences any […]

Resolver Endpoints Monitoring Data specific to the resolver endpoints is exported to and monitored by CloudWatch. The raw data is collected at 5-minute intervals; converted into readable, near real-time data; and displayed in dashboards and tables you create. You can use Amazon CloudWatch to monitor the number of DNS queries that are forwarded by Route […]

Summary In this chapter, you examined the AWS Config service in detail. You saw how to start the configuration recorder to begin inventorying the resources in our AWS account, and reviewed the different types of rules available for AWS Config and how the rules get triggered inside an account. You also learned how to use […]

Limiting Data Access and Visibility First, keep people away whenever it is feasible. End users should consume the data as much as possible through an interface of some sort, such as a custom user interface (UI), a custom API, or another AWS service UI or API. Allowing access to the data directly where it is […]