There's more...

Let's quickly go through some important concepts around Security Hub and its related services:

  • Security Hub is a regional service. If cost is not a constraint, it is recommended to enable it in all regions.
  • Security Hub can integrate with third-party security tools such as Alert Logic, Armor, Atlassian Opsgenie, and more.
  • We can archive security findings from the Findings page so that older ones won't appear on the page.
  • The Center for Internet Security (CIS) provides security standards for different servers, applications, and cloud providers. For example, they provide a set of security standards that are specific to AWS security.
  • CIS Benchmarks for AWS fall into four categories: identity and access management, logging, monitoring, and networking.
  • IAM Access Analyzer uses logic-based reasoning to analyze resource-based policies in our AWS environment to inform us which resources in our account are shared with external principals. 
  • AWS Firewall Manager can be used to manage firewall rules across accounts and applications.
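
To make the IAM Access Analyzer point above concrete, here is an added example (not from the book, and not how Access Analyzer is implemented: the service uses logic-based reasoning, while this is a simplified syntactic check) that lists the `Allow` grants in a resource-based policy that reach principals outside the owning account. The account IDs, bucket name, policy, and function names are all constructed for illustration.

```python
import json

ACCOUNT_ID = "111122223333"  # constructed ID of the account that owns the bucket

# Constructed sample bucket policy (not from the book).
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "OwnAccount", "Effect": "Allow",
   "Principal": {"AWS": "arn:aws:iam::111122223333:role/app"},
   "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
  {"Sid": "Partner", "Effect": "Allow",
   "Principal": {"AWS": ["arn:aws:iam::444455556666:root", "111122223333"]},
   "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
  {"Sid": "Public", "Effect": "Allow", "Principal": "*",
   "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/public/*",
   "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}},
  {"Sid": "DenyDelete", "Effect": "Deny", "Principal": "*",
   "Action": "s3:DeleteObject", "Resource": "arn:aws:s3:::example-bucket/*"}
]}
""")

def as_list(value):
    """Policy fields may hold one value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def principal_account(principal):
    """Return the account ID of an ARN or bare 12-digit ID, else None."""
    if len(principal) == 12 and principal.isdigit():
        return principal
    parts = principal.split(":")
    return parts[4] if parts[0] == "arn" and len(parts) >= 6 else None

def external_access(policy, account_id):
    """Return (sid, principal, has_condition) for Allow grants outside account_id."""
    findings = []
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements never grant access
        principal = stmt.get("Principal", {})
        # Only "*" and the "AWS" key are handled; Service/Federated are out of scope here.
        entries = ["*"] if principal == "*" else as_list(principal.get("AWS", []))
        for entry in entries:
            if entry == "*" or principal_account(entry) != account_id:
                findings.append((stmt.get("Sid", ""), entry, "Condition" in stmt))
    return findings

if __name__ == "__main__":
    for finding in external_access(SAMPLE_POLICY, ACCOUNT_ID):
        print(finding)
```

The `has_condition` flag only records that a `Condition` block narrows the grant; it does not evaluate the condition.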

Learning about and understanding the CIS security benchmark controls for AWS will give us a better sense of security while working with AWS infrastructure. These controls can also help us make better decisions at work and even during exams.
