AWS Well- Architected Framework - Security

Question 1

The Pillars of a Well - Architected Framework?

Answer 1

1) Security
2) Reliability
3) Performance Efficiency - effective use of resources to meet the requirement
4) Cost Optimization - reduce cost
5) Operational Excellence - documented practices and procedures.

Question 2

What does Security Consist of?

Answer 2

1) Data Protection
2) Privilege Management
3) Infrastructure Protection - protect data center & VPC level.
4) Detective Controls

Question 3

What questions should you ask with Security-Data Protection?

Answer 3

1) How are you encrypting and protecting your data at rest?

2) How are you encrypting and protecting you data in transit (SSL)?

Question 4

What questions should you ask with Security-Privilege Management

Answer 4

1) How are you protecting access to and use off the AWS root account Creds?
2) How are you defining roles and responsibilities of system users to control human access to the AWS Management Console and APIs?
3) How are you limiting automated access (such as from apps, scripts, 3rd party tools and services) to AWS resources?
4) How are you managing keys and credentials?

Question 5

What questions should you ask with Security-Infrastructure Protection

Answer 5

1) How are you enforcing network and host-level boundary protection?
2) How are you enforcing AWS service level protection?
3) How are you protecting the integrity of the OS on your EC2 instance?

Question 6

What questions should you ask with Security- Detective Controls

Answer 6

How are you capturing and analyzing AWS Logs?