-
Book Overview & Buying
-
Table Of Contents
AWS Certified Database – Specialty (DBS-C01) Certification Guide
By :
The final domain will test your understanding of database security covering all aspects, from access and audit controls to patching for security fixes. This domain also covers encryption techniques, both of the stored data and in transit.
The topics covered in this domain are the following:
Now, let's begin to study these topics.
Encryption is used to make it harder for anyone unauthorized to see the data stored or in transit. You will need to know how to work with encryption at the database layer and how to encrypt connections between the application and the database.
Auditing is used to keep a record of actions made within a database, but it can cause performance issues if not configured correctly.
You will need to understand different auditing techniques and the tools AWS provides to assist.
Databases in AWS have multiple methods for access that differ depending on the database. AWS also has its own built-in identity management service that can be used to restrict or grant database access.
You will need to know which methods work with which databases and how to configure and administrate logins using different methods.
This area focuses on patching and why this is done. It also expects you to understand what your responsibilities are in terms of securing your own databases and what areas are the responsibility of AWS.
You will need to understand the AWS shared responsibility model as well as understand the patching strategies offered by AWS.