Cloud Security Flashcards

1
Q

What are the AWS Assurance/Compliance 3 Major Categories?

A

Certifications/Attestations

Laws, Regulations, and Privacy

Alignments/Frameworks

2
Q

What are the major AWS Compliance Certifications to be aware of?

A

ISO 27001

PCI DSS Level 1

SOC 1

SOC 2

SOC 3

3
Q

A _____ _____ is a check to see if your AWS infrastructure meets a given compliance standard. (i.e. even though AWS itself might, your infrastructure or application may not)

A

Gap Audit

4
Q

What are the Important Compliance Laws, Regulations and Privacy standards (AWS adheres to these)?

A

HIPAA - Standard required to store health information

5
Q

What are the most important Compliance Alignments and Frameworks (AWS adheres to these)?

A

G-Cloud UK - Required for hosting government customers

6
Q

What does “AWS Manages security of the cloud, security in the cloud is the responsibility of the customer.” mean?

A

Customers retain control of what security they choose to implement to protect their own content, platform, applications, systems and networks, no differently than they would in an on-site datacenter.

7
Q

What does the AWS Shared Responsibility Model Look Like (Graphic)?

A
8
Q

When the Shared Responsibility Topic Comes up, what is the easy way to remember who is responsible for what?

A

Think about the things you would actually be able to control yourself

9
Q

What is WAF?

A

Web Application Firewall

Protects from common web exploits that could

affect availability

compromise security

consume excessive resources

10
Q

What is the difference between using Elastic Load Balancers with security groups as security vs using a WAF?

A

ELB/Security Groups secure protocols and ports (Layer 4)

WAF - Can actually read the data being sent (Layer 7)

11
Q

What is AWS Shield?

A

Managed DDoS protection

safeguards web apps

always-on detection

enacts inline mitigations

12
Q

What are the two tiers of AWS Shield?

A

Standard - free and comes by default

Advanced $3K/month

13
Q

What is AWS Inspector?

A

Automated Security Assessment

Audits for vulnerabilities or deviation from best practices

Produces a lined report ordered by criticality

Installed on your EC2 instances

14
Q

What is AWS Trusted Advisor?

A

Optimization guidance for your environment for

cost optimization

performance

security

fault tolerance

15
Q

What are the two levels of AWS Trusted Advisor?

A

Core Checks and Recommendations (free)

Full Trusted Advisor - Business and Enterprise only

16
Q

What do roles do?

A

Allows you to delegate access to users, applications, and services so they can connect to other AWS resources.

e.g. Create a role -> add a policy -> apply role to EC2 instance -> anything connected to the instance has access to the services identified in the role policy

17
Q

When are you allowed to apply roles to an EC2 instance?

A

Any time and it will take effect immediately