Sie sind auf Seite 1von 2

Exam Objectives:

AWS Solutions Architect Associate Exam


Direct Connect
Directory Services
CloudFormation
IAM
OpsWorks
ElasticBeanStalk
HA and DR
Trusted Advisor
Import/Export
RDBMS
Security
Networking
EBS
CloudWatch
KMS
Global Infrastructure
EC2
Storage
Storage Gateway
AWS Solutions Architect Associate Exam
S3
RDS
VPC
AutoScaling
Load Balancers
SQS
Disaster Recovery
DynamoDB
Elasticache
RedShift
SNS
SWF
Route53
CloudFront
Kinesis
EMR

How security responsibilities are shared between AWS and you, the customer
How to define and categorize your assets
How to manage user access to your data using privileged accounts and groups
Best practices for securing your data, operating systems, and network
How monitoring and alerting can help you achieve your security objectives

Know the AWS Shared Responsibility Model


AmazonWeb Services provides a secure global infrastructure and services in the c
loud. You can build your systems using AWS as the foundation, and architect an I
SMS that takes advantage of AWS features.
To design an ISMS in AWS, you must first be familiar with the AWS shared respons
ibility model, which requires AWS and customers to work together towards securit
y objectives.
AWS provides secure infrastructure and services, while you, the customer, are re
sponsible for secure operating systems, platforms, and data. To ensure a secure
global infrastructure, AWS configures infrastructure components and provides ser
vices and features you can use to enhance security, such as the Identity and Acc
ess Management (IAM) service, which you can use to manage users and user permiss
ions in a subset of AWS services. To ensure secure services, AWS offers shared r
esponsibility models for each of the different type otype of service that we off
er:
Infrastructure services
Container services
Abstracted services
The shared responsibility model for infrastructure services, such as Amazon Elas
tic Compute Cloud (Amazon EC2) for example, specifies that AWS manages the secur
ity of the following assets:
Facilities
Physical security of hardware
Network infrastructure
Virtualization infrastructure
Consider AWS the owner of these assets for the purposes of your ISMS asset defin
ition. Leverage these AWS controls and include them in your ISMS.
In this Amazon EC2 example, you as the customer are responsible for the security
of the following assets:
AmazonMachine Images (AMIs)
Operating systems
Applications
Data in transit
Data at rest
Data stores
Credentials
Policies and configuration