# Knowledge of:• AWS best practices for incident response• Cloud incidents• Roles and responsibilities in the incident response plan• AWS Security Finding Format (ASFF)
## Skills in:• Implementing credential invalidation and rotation strategies in response to compromises (for example, by using AWS Identity and Access Management [IAM] and AWS Secrets Manager)• Isolating AWS resources• Designing and implementing playbooks and runbooks for responses to security incidents• Deploying security services (for example, AWS Security Hub, Amazon Macie, Amazon GuardDuty, Amazon Inspector, AWS Config, Amazon Detective, AWS Identity and Access Management Access Analyzer)• Configuring integrations with native AWS services and third-party services (for example, by using Amazon EventBridge and the ASFF)
