Security Flashcards
attack that attempts to make your website or application unavailable to your end users
DDoS Attack
DDoS attack that is referred to as a SYN flood. Works on the transport layer (TCP)
Layer 4 DDoS Attack
Reflection attacks include things such as NTP, SSDP, DNS, CharGEN, and SNMP attacks
Amplification Attack
Occurs where a web server receives a flood of GET or POST requests usually from a botnet or large number of compromised computers
Layer 7 attack
Enable operational and risk auditing, governance, and compliance of your AWS account. visibility into your user and resource activity
CloudTrail
increases visibility into your user and resource activity by recording AWS actions and API calls
CloudTrail
Service that provides two levels of protection against DDoS attacks(Layer 3 and 4): Standard and Advanced
AWS Shield
Provides expanded DDoS attack protection for your Amazon EC2 instances, Elastic Load Balancing load balancers, Amazon CloudFront distributions, and Amazon Route 53 hosted zones
AWS Shield
Service that lets you monitor HTTP and HTTP requests that are forwarded to CloudFront or a Load Balancer
AWS WAF
Threat detection service that uses machine learning to continuously monitor for malicious behavior
Amazon GuardDuty
service automatically applies your WAF rules across your accounts and resources, even as you add new resources.
Firewall Manager
Service that uses machine learning and pattern watching to discover sensitive (PII, PHI, financial data) data stored in S3. Used for HIPAA and GDPR compliance
Macie
automatically assesses applications for vulnerabilities or deviations from best practices. Used to perform vulnerability scans on both EC2 instances and VPC
Amazon Inspector
Detailed list of security findings prioritized by level of severity in Inspector
Assessment Findings
Analysis to check for ports reachable from outside the VPC
Network Assessments
Is an inspector agent required for Network Assessments?
No
Vulnerable software (CVE) host hardening (CIS Benchmarks), and security best practices
Host Assessments
Is an inspector agent required for Host Assessments
Yes
managed service that makes it easy for you to create and control the encryption keys used to encrypt your data
Key Management Service
Provides you with centralized control of the lifecycle and permissions of your keys
KMS
Key that is a logical representation of a master key. Includes metadata such as the key id creation date, description, and key state.
Customer master key (CMK)
Is a physical computing device that safeguards and manages digital keys and performs encryption and decryption functions
Hardware security model (HSM)
Primary way to manage access to your AWS KMS CMK is with
Policies
policies attached to resources
resource-based policies
