📋 Security and Compliance Cheat Sheet

Security design in SAP-C02 is layered across identity, network, data, detection, audit, and organizational guardrails.

Why This Cheat Sheet Matters for SAP-C02

This cheat sheet covers the most important AWS Security and Compliance concepts tested on the SAP-C02 (AWS Solutions Architect Professional) certification exam. It contains 2 sections with 8 key points that you should memorize before exam day. Design layered security with IAM, KMS, CloudTrail, Config, GuardDuty, Security Hub, Inspector, Macie, WAF, Shield, and audit evidence. Use this as a quick-reference guide during your final review sessions.

2Sections
8Key Points

Control Layers

  • IAM controls who can call APIs and under what conditions.
  • KMS key policies and grants control key administration and usage.
  • CloudTrail records API activity for audit and investigation.
  • AWS Config records configuration history and evaluates compliance rules.

Threat and Edge Controls

  • GuardDuty detects suspicious activity from logs and telemetry.
  • Security Hub aggregates findings and compliance checks.
  • WAF protects web applications with web ACLs and rules.
  • Shield Advanced adds enhanced DDoS protection and response support.

Practice Security & Compliance Questions

Put your knowledge to the test with practice questions.

Security & Compliance Questions →Full SAP-C02 Quiz

More SAP-C02 Cheat Sheets

📋AWS Organizations Cheat Sheet📋Advanced Networking Cheat Sheet📋Resilience and DR Cheat Sheet📋Migration and Modernization Cheat Sheet📋Cost Optimization Cheat Sheet📋Database Architecture Cheat Sheet
← SAP-C02 Study HubFree Mock Exam7-Day Study Plan