CertMaster Practice: 3.0 Security Architecture Flashcards
A cloud administrator wants to directly connect a cloud server instance with another cloud server instance privately on Amazon Web Services (AWS). How can the administrator configure them without going through an internet gateway?
By using a virtual private cloud (VPC) peering connection
Define a ‘virtual private cloud (VPC) peering connection’
A connection that allows traffic to be routed between two VPCs using private IPv4 addresses or IPv6 addresses.
When implementing an IDS/IPS, where is the best place to deploy the device?
In inline mode at the network perimeter, which allows for real-time analysis and reaction to potential threats, providing comprehensive protection for all inbound and outbound network traffic.
Where should an IDS sensor be deployed?
At network choke points, which ensures that the sensors can monitor both inbound and outbound traffic.
What is the ideal method to protect data in use?
Implementing permission restrictions.