DDoS Flashcards

1
Q

AWS DDoS Whitepaper location

A

https://d1.awsstatic.com/whitepapers/Security/DDoS_White_Paper.pdf

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What does DDoS stand for?

A

Distributed denial of service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a DDoS attack?

A

An attempt to make a website or application unavailable to users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Some methods used to achieve a DDoS

A

Large Packet floods, a combination of reflection and application techniques, or botnets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a reflection attack?

A

a method of attacking a challenge-response authentication system that uses the same protocol in both directions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is an amplification attack?

A

An indirect attack where the attacker queries a reflector posing as the victim’s IP. The response is sent to the victim.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

in information security, what is a “reflector”?

A

A server that is open to the public and will respond to queries.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a botnet?

A

A network of systems with specialized malware that carry out preprogrammed instructions those from a centralized command system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How much bigger is a query response than the query itself?

A

28x - 54x larger

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is a layer 7 attack?

A

A flood of GET requests that overwhelm the server’s system resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is a Slowloris attack?

A

An attack that targets an application’s maximum connection limit through opening, and keeping open, many connections.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Mitigate a DDoS attack - Method 1

A

Minimize the attack surface - Use application load balancing with firewall restrictions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Mitigate a DDoS attack - Method 2

A

Be ready to absorb the attack with via automated scaling procedures ready.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Mitigate a DDoS attack - Method 3

A

Safegaurd exposed resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Mitigate a DDoS attack - Method 4

A

Learn normal behavior - Know normal traffic behavior for your site to make identification easier.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Mitigate a DDoS attack - Method

A

Create a plan for attacks

17
Q

What AWS service protects against DDoS attacks?

A

AWS Shield

18
Q

What services does AWS Shield protect?

A

Elastic Load Balancing, CloudFront, Route 53

19
Q

Which types of attacks does Shield protect against?

A

SYN/UDP floods, Reflection, and other Layer 3/4 attacks

20
Q

True or False, AWS has an advanced, enterprise grade Shield service?

A

True. $3000/month

21
Q

True or false, with AWS Shield Advanced, victims do not incur charges for initialized autoscaling groups resulted from DDoS attacks?

A

True. Advanced customers are “shielded” from additional costs as a result of DDoS attacks.

22
Q

True or False: AWS has a dedicated support team for AWS Shield Advanced customers?

A

True

23
Q

True or False: AWS Shield Advanced offers near real time notifications of DDoS attacks?

A

True

24
Q

The AWS DDoS Response Team is available 8-5, 7 days a week for customers?

A

False. They are available 24x7

25
Q

What are the AWS technologies that can be used to help mitigate a DDoS attack?

A
CloudFront
Route 53
ELBs
WAFs
Autoscaling
CloudWatch