Multiple choice:
- Read question carefully and highlight key points.
- Don't spend too long thinking about a question - skip and go back to it later.
- If you have spare time at the end, re-read each question carefully to check if your answer made sense.
- There are usually two blatantly incorrect answers, and two answers that could be right. Narrow down your choices.
AWS Specific
- Lots of questions on stopping lateral movement across EC2s
- Most of the time you need to stop the instance and take a snapshot for forensic purposes.
- You also need to make sure that security groups in an Auto-Scaling Group do not allow for transmission between instances on the same tier.
- Understand cross-account access to various resources.
- Understand "blast-radius" of compromised AWS keys (KMS).
- CloudWatch or any AWS service cannot monitor your EC2 instances unless an Agent has been installed.