22 Questions
What is the primary purpose of Auto Scaling in the context of DDoS mitigation?
To scale servers up or down in response to changes in traffic
What type of security mechanism is depicted in the diagram, situated between the edge location and the web application servers?
Web Application Firewall (WAF)
What is the primary function of the DMZ in the given network architecture?
To act as a buffer zone between the public internet and the private subnet
Which of the following is NOT a component of the AWS Shared Responsibility Model?
Physical Security
What is the primary purpose of a Security Group in the context of AWS?
To filter incoming traffic based on IP addresses
What is the primary function of AWS IAM?
To manage user access to AWS resources
What is the primary purpose of CloudFront in the context of DDoS mitigation?
To cache frequently accessed content at edge locations
What is the primary purpose of ELB in the context of DDoS mitigation?
To distribute incoming traffic across multiple servers
What is the primary purpose of AWS WAF?
To protect web applications from common web exploits
What is the main difference between Authentication and Authorization?
Authentication is about verifying identity, while Authorization is about granting access to resources
What is the primary benefit of using AWS IAM?
To enhance security and compliance for AWS resources
What is the main purpose of AWS CloudTrail?
To monitor and log AWS API calls for security and compliance
What is the primary benefit of using encryption for data in transit?
To protect data from unauthorized access and theft
What is the main difference between AWS Security and Compliance Programs?
Security programs focus on protecting data, while Compliance programs focus on meeting regulatory requirements
What is the primary benefit of using AWS STS?
To provide temporary security credentials for identities and services
What is the main purpose of AWS Cognito?
To provide identity and access management for web and mobile applications
What is the primary purpose of OAuth 2.0 standard?
To delegate authorization to devices and apps using tokens
In the context of network security, what is the primary function of a firewall?
To control incoming and outgoing network traffic
What is the AWS Shared Responsibility Model primarily concerned with?
Dividing security responsibilities between AWS and its customers
What is the primary purpose of AWS IAM?
To manage user identities and access control in AWS
What is the primary function of AWS CloudTrail?
To monitor and log AWS API calls and resource usage
What is the primary purpose of security groups in a network?
To filter and restrict network traffic to specific resources
Study Notes
Security Concepts
- Access Control involves Authentication and Authorization
- Authentication establishes identity through username and password, access key ID and secret access key, federated identity with Single Sign-on (SSO), Identity providers, OpenID Connect, SAML, Multi-factor Authentication, and Web applications
- Authorization determines what resources can be accessed and involves control at multiple levels: network control, file system permissions, OS policies, and applications
AWS Security
- AWS IAM involves Users, Groups, Roles, Authorization using Policies, and securing AWS accounts
- AWS Authentication includes Cognito, Directory service, STS, Web Identity
- Securing Data involves encryption in transit and at rest
- Securing the System involves DDOS mitigation, AWS WAF
- Auditing involves AWS CloudTrail and Config
AWS Shared Responsibility Model
- AWS is responsible for security of the cloud
- Customers are responsible for security in the cloud
- Shared responsibility includes infrastructure, platform, and application security
DDoS Mitigation
- DDoS mitigation involves Auto Scaling, WAF, CloudFront, ELB, and security groups
- DMZ, public subnet, and private subnet are used in DDoS mitigation architecture
Learn about preventing common exploits in the security pillar, including DDoS mitigation examples and auto-scaling with WAF.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
