AWS Shield | Configuring Protections Flashcards

1
Q

is AWS Shield HIPAA eligible?

Configuring Protections

AWS Shield | Security, Identity & Compliance

A

Yes, AWS has expanded its HIPAA compliance program to include AWS Shield as a HIPAA eligible service. If you have an executed Business Associate Agreement (BAA) with AWS, you can use AWS Shield to safeguard your web applications running on AWS from Distributed Denial of Service (DDoS) attacks. For more information, see HIPAA Compliance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What types of attacks can AWS Shield help me stop?

Configuring Protections

AWS Shield | Security, Identity & Compliance

A

AWS Shield helps protects your website from all types of DDoS attacks including Infrastructure layer attacks (like UDP floods), State exhaustion attacks (like TCP SYN floods), and Application layer attacks (like HTTP GET or POST floods). See the AWS WAF and AWS Shield Advanced Developer Guide for examples.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What types of attacks can AWS Shield Standard help protect me from?

Configuring Protections

AWS Shield | Security, Identity & Compliance

A

AWS Shield Standard automatically provides protection for web applications running on AWS against the most common, frequently occurring Infrastructure layer attacks like UDP floods, and State exhaustion attacks like TCP SYN floods. Customers can also use AWS WAF to protect against Application layer attacks like HTTP POST or GET floods. Find more details on how to deploy application layer protections in the AWS WAF and AWS Shield Advanced Developer Guide.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How many resources can I enable for AWS Shield Standard protection?

Configuring Protections

AWS Shield | Security, Identity & Compliance

A

There is no limit on the number of resources subject to AWS Shield Standard protection. You can get the full benefits of AWS Shield Standard protections by following the best practices of DDoS resiliency on AWS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How many resources can I enable for AWS Shield Advanced protection?

Configuring Protections

AWS Shield | Security, Identity & Compliance

A

You can enable up to 100 AWS resources (e.g., load balancers, Amazon CloudFront distributions, Amazon Route 53 delegation sets) for AWS Shield Advanced protection. If you want to enable more than 100, you can request for a limit increase by creating an AWS Support case.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Can I activate AWS Shield Advanced protection via API?

Configuring Protections

AWS Shield | Security, Identity & Compliance

A

Yes. AWS Shield Advanced can be activated via APIs. You can also add or remove AWS resources from AWS Shield Advanced protection via APIs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly