Responding to compromised resources (for example, by isolating Amazon EC2 instances)
Designing mechanisms to require encryption when connecting to resources (for example, Amazon RDS, Amazon Redshift, CloudFront, Amazon S3, Amazon DynamoDB, load balancers, Amazon Elastic File System [Amazon EFS], Amazon API Gateway)
Designing environment monitoring and workload monitoring based on business and security requirements
Capabilities and use cases of AWS services that provide data sources (for example, log level, type, verbosity, cadence, timeliness, immutability)
Long-term and temporary credentialing mechanisms
Defining edge security strategies for common use cases (for example, public website, serverless app, mobile app backend)
Activating logs, metrics, and monitoring around edge services to indicate attacks
AWS Security Incident Response Guide
Analyzing architectures to identify monitoring requirements and sources of data for security monitoring
Applying instance roles and service roles as appropriate to authorize compute workloads
Identifying sensitive data by using Macie
Activating host-based security mechanisms (for example, host-based firewalls)
Security features on edge services (for example, AWS WAF, load balancers, Amazon Route 53, Amazon CloudFront, AWS Shield)
How TLS certificates work with various network services and resources (for example, CloudFront, load balancers)
Analyzing log sources to identify problems