Module 6: Security (Part 4) Flashcards
What is AWS Shield?
AWS Shield is a service provided by AWS to protect applications against DDoS attacks. It offers two levels of protection: AWS Shield Standard and AWS Shield Advanced.
What features does AWS Shield Advanced provide?
AWS Shield Advanced is a paid service that offers more comprehensive protection against sophisticated DDoS attacks. It provides advanced attack diagnostics, integration with other AWS services like Amazon CloudFront and Amazon Route 53, and the ability to create custom rules with AWS Web Application Firewall (AWS WAF) for targeted mitigation.
How does AWS Shield help minimize the impact of DoS and DDoS attacks?
AWS Shield detects and mitigates DDoS attacks in real time, safeguarding AWS resources and helping to ensure the availability and performance of applications. It offers proactive defense mechanisms and enhanced security measures to combat various types of DDoS attacks.
What is AWS Key Management Service (AWS KMS)?
AWS Key Management Service (AWS KMS) is a service that allows you to manage cryptographic keys used for encrypting and decrypting data. It provides secure and centralized key management, allowing you to control access to your keys and ensure the security of your data at rest and in transit.
How does AWS KMS help in securing data?
AWS KMS enables you to create, manage, and use cryptographic keys to encrypt and decrypt data. It allows you to control access to your keys, disable keys when not in use, and ensures that your keys are securely stored within AWS KMS. This helps in protecting the confidentiality and integrity of your data.
What is AWS WAF?
AWS WAF (Web Application Firewall) is a service that helps protect web applications from common web exploits and attacks. It works in conjunction with Amazon CloudFront and Application Load Balancer to monitor and control network requests coming into your web applications. Using web access control lists (ACLs), AWS WAF allows you to block or allow specific traffic based on predefined rules and conditions.
How can AWS WAF be used to allow or block specific requests?
With AWS WAF, you can configure web access control lists (ACLs) to specify rules for allowing or blocking specific requests. For example, you can define IP addresses that should be blocked from accessing your application and configure the ACL to deny access for requests coming from those IP addresses. Requests that do not match the blocked IP addresses will be allowed access.
What is Amazon Inspector?
Amazon Inspector is a service that performs automated security assessments on your applications. It helps improve the security and compliance of your applications by identifying security vulnerabilities and deviations from best practices. Amazon Inspector provides a list of security findings, prioritized by severity level, along with recommendations on how to address each finding.
What is Amazon GuardDuty?
Amazon GuardDuty is a threat detection service for AWS infrastructure and resources. It continuously monitors network activity and account behavior within your AWS environment to identify potential security threats. GuardDuty analyzes data from various sources, such as VPC Flow Logs and DNS logs, and provides detailed findings about detected threats, along with recommended remediation steps.
