In this chapter, we learned about the different types of storage available for an EC2 instance and when they are used. We also learned about data encryption and Amazon's KMS. We walked through how to create additional storage for an EC2 instance using the EBS block storage, and mount it to an EC2 instance for use. Additionally, we learned how we can recover lost data from an EBS storage volume through memory analysis using TSK.
In an attempt to secure our data, we learned how we can use EBS volume encryption using AWS KMS to encrypt data at rest. We also saw how full disk encryption can prevent someone from retrieving sensitive data.
This brings us to the end of this chapter. In the next chapter, we will learn about S3 storage and how to identify vulnerable S3 buckets. We will also see how S3 bucket kicking is done and how to exploit vulnerable S3 buckets.
...