Network Security Flashcards
What are two additions to the out-of-the-box security Snowflake provides?
Layering on built-in network policies - specify what IP addresses can connect
Integrating CSP (cloud service provider) capabilities that may add more security to network connectivity (AWS Private Link)
All Snowflake network connectivity architectures include what five basic connections?
- Snowflake account URL
- one or more OCSP
- Snowflake Internal Stage
- cloud storage
- The connection between the users’ browsers and the Snowflake Apps layer
What are the two types of data flowing on the network paths?
Customer’s Data
Online Certificate Status Protocol (OCSP) which is used to validate certificates used to establish TLS 1.2 tunnels for network communications.
T/F Only the OCSP traffic uses an unencrypted channel over port 80.
True
T/F Connectivity to the Snowflake internal stage is optional
False
T/F Connectivity to an external stage is optional
True
Integration with CSP private networking is only available with
AWS Private Link and Azure Private Link
What encryption is used on all data communication out of the box?
TLS 1.2
T/F Any design where a Network Policy is being used for every user is likely on the wrong path
True
When should CSP really be considered?
When large amounts of data or extremely sensitive data is flowing
Which edition should you consider if you have HIPAA concerns?
Business Critical Edition