Security Flashcards
Coupling
Coupling defines the interdependencies or connections between components of systems
Loose coupling
Loose coupling helps reduce the risk of cascading failures between components
Loosely coupled components are connected but not dependent on one another
Tight Coupling
Components are highly dependent on each other
If one fails they all fail
Queues
Queues are used to implement loosely coupled systems
Simple Queue Service (SQS)
A message queueing service that allows you to build loosely coupled systems
Allows component-to-component communication using messages
Multiple components (or producers) can add messages to the queue
Messages are processed in an asynchronous manner
Simple Notification Service (SNS)
Send email and text messages
Publish messages to a topic
Subscribers receive messages
Allows sending of email and text from your apps
Simple Email Service (SES)
An email service that allows you to send richly formatted HTML emails from your app
Ideal choice for marketing campaigns or professional emails
Unlike SNS, SES sends HTML-formatted emails
CloudWatch
A collection of services that help you monitor & observe your cloud resources
Collect metrics, logs, & events
Detect anomalies in your environment
Set alarms
Visualize logs
Can set high-resolution alarms, monitor app logs, visualize time series data, and trigger an event based on a condition
CloudTrail
Tracks user activity & API calls within your account
Log and retain account activity
Track activity through the console, SDKs, and CLI
Identify which user made changes
Detect unusual activity in your account
Shared Responsibility Model
Outlines your responsibility vs. AWS’s when it comes to security and compliance
Well-Architected Framework
Describes design principles & best practices for running workloads in the cloud
Identity & Access Management (IAM)
Control access to AWS services and resources
Shield
Managed distributed denial of service (DDoS) protection service
Always-on detection
Shield Standard is free - provides free protection against common & frequently occurring attacks
Shield Advanced is paid - provides enhanced protections & 24/7 access to AWS experts
Shield DDoS Protection Supported by:
CloudFront, Route 53, Elastic Load Balancing, & AWS Global Accelerator
Web Application Firewall
WAF helps protect your web apps against common web attacks
Protects against SQL injection
Protects against cross-site scripting
Macie
Helps discover and protect sensitive data
Uses machine learning
Evaluates S3 environment
Discovers PII
Config
Allows assessment, auditing, & evaluation of resource configurations
Track configuration changes over time
Delivers config history file to S3
Notifications via Simple Notification Service (SNS) of every configuration change
GuardDuty
Intelligent threat detection system that uncovers unauthorized behavior
Uses machine learning
Built-in detection for EC2, S3, & IAM
Reviews CloudTrail, VPC flow logs & DNS logs
Great for detecting things like unusual API calls, which are a common technique for attackers