CertMaster Practice: 3.0 Security Architecture Flashcards

1
Q

A cloud administrator wants to directly connect a cloud server instance with another cloud server instance privately on Amazon Web Services (AWS). How can the administrator configure them without going through an internet gateway?

A

By using a virtual private cloud (VPC) peering connection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Define a ‘virtual private cloud (VPC) peering connection’

A

Allowing routing traffic between two VPCs using private IPv4 addresses or IPv6 addresses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

When implementing an IDS/IPS, where is the best place to deploy the device?

A

In inline mode at the network perimeter allows for real-time analysis and reaction to potential threats, providing comprehensive protection for all inbound and outbound network traffic.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Where should an IDS sensor be delpoyed?

A

At network choke points ensures that they can monitor both inbound and outbound traffic.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the ideal method to protect data in use?

A

Implementing permission restrictions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly