In this chapter, you examined the AWS Config service in detail. You saw how to start the configuration recorder to begin inventorying the resources in our AWS account, and reviewed the different types of rules available for AWS Config and how the rules get triggered inside an account.
You also learned how to use AWS Config in a multi-account or multi-Region setup and the differences between using a single-account setup. The chapter concluded with a list of the key points on the AWS Config service you will need to know for the AWS exam.
Chapter 6, Event Management with Security Hub and GuardDuty, will discuss the Incident Response pillar, diving deep into the services of AWS Security Hub and AWS GuardDuty. You will see how these two services can work hand in hand and provide visibility into your accounts while simultaneously detecting abnormalities that need to be remediated.
Note
If you have spun up the configuration recorder as part of the exercise given in this chapter, make sure to spin it down once you are through. It will incur charges as long as it is running in your account. The commands below can help you with this task.
To stop the configuration recorder, use the following command:
aws config service stop-configuration-recorder –configuration-recorder-name packt
To delete the configuration recorder, use the following command:
aws configservice delete-configuration-recorder –configuration-recorder-name packt
For additional information on the AWS shared responsibility model and the underlying foundation of AWS security, please look at the following resources:
Apart from a solid understanding of key concepts, being able to think quickly under time pressure is a skill that will help you ace your certification exam. That is why working on these skills early on in your learning journey is key.
Chapter review questions are designed to improve your test-taking skills progressively with each chapter you learn and review your understanding of key concepts in the chapter at the same time. You’ll find these at the end of each chapter.
How To Access These Resources
To learn how to access these resources, head over to the chapter titled Chapter 21, Accessing the Online Practice Resources.
To open the Chapter Review Questions for this chapter, perform the following steps:
Alternatively, you can scan the following QR code (Figure 5.7):
Figure 5.7: QR code that opens Chapter Review Questions for logged-in users
Figure 5.8: Chapter Review Questions for Chapter 5
For the first three attempts, don’t worry about the time limit.
ATTEMPT 1
The first time, aim for at least 40%. Look at the answers you got wrong and read the relevant sections in the chapter again to fix your learning gaps.
ATTEMPT 2
The second time, aim for at least 60%. Look at the answers you got wrong and read the relevant sections in the chapter again to fix any remaining learning gaps.
ATTEMPT 3
The third time, aim for at least 75%. Once you score 75% or more, you start working on your timing.
Tip
You may take more than three attempts to reach 75%. That’s okay. Just review the relevant sections in the chapter till you get there.
Target: Your aim is to keep the score the same while trying to answer these questions as quickly as possible. Here’s an example of how your next attempts should look like:
| Attempt | Score | Time Taken |
| Attempt 5 | 77% | 21 mins 30 seconds |
| Attempt 6 | 78% | 18 mins 34 seconds |
| Attempt 7 | 76% | 14 mins 44 seconds |
Table 5.2: Sample timing practice drills on the online platform
Note
The time limits shown in the above table are just examples. Set your own time limits with each attempt based on the time limit of the quiz on the website.
With each new attempt, your score should stay above 75% while your time taken to complete should decrease. Repeat as many attempts as you want till you feel confident dealing with the time pressure.
Acedexam Training Policies
Learning resources
Other resources
Our Training Providers
