This certification preparation material would help you in getting the jobs in the AWS Fields

AWS Developer Certification : Associate Level AWS Sysops Administrator Certification : Assciate Level AWS Solution Architect Certification : Associate Level AWS Soltion Architect : Professional Level AWS Certified Security Specialty (SCS-C01) AWS Professional certification Exam AWS Certified Big Data – Specialty (BDS-C00) AWS Certified Machine Learning MLS C01 Certification Prepration Materal AWS Solution Architect : Training Associate AWS Advanced Networking Certifications AWS Exam Prepare : Kinesis Data Stream Book : AWS Solution Architect Associate : Little Guide AWS Security Specialization Certification: Little Guide SCS-C01 AWS Package Deal

While applying to the Job you need to mention referred by : | or Website :


Question 28: You are working as a head of IT security in one of the retail bank, your web applications and other databases are hosted on AWS. You have been using all the services from AWS to protect the data. You are still worried about the ......................./IPS (Intrusion Detection and Prevention System). Which of the following you can use for that?

  1. You will be using Network ACL and all the CloudTrail logs to get network events.
  2. You will be using KMS solution to encrypt all the traffic on your network and monitor any suspicious activity using CloudWatch.
  3. Correct Answer..... Deep Security.
  4. You will be using third party IAM solution like OneLogin.

Ans: C

Detailed Explanation: If you read question, it requires solution for IDS/IPS Intrusion Detection. Intrusion Detection is required to analyze the network traffic and each data packet needs to be analyzed.

If you check option

Option-1: Network ACL is good for avoiding unwanted traffic, but it cannot analyze the data packets and reports any vulnerability. Hence, it can not correct answer.

Option-2: KMS is AWS managed solution ..........

Option-3: .........................

IDS/DPS Infrastructure security: Sometimes you may need third party solution as well to protect your infrastructure and one of them is below.

  1. IDS/IPS : Intrusion detection and prevention system
  1. IDS/IPS prevent network attacks and breaches of their IT env.
  2. Intrusion Detection monitor inbound and outbound network traffic to discover unusual activity which can be used an attempt to gain access to an IT env.
  3. A very co................