Security Flashcards

1
Q

What does the AD Connector require, and what does it Provide

A

Requires an existing AD server
Provides access to AWS assets via AD

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How can AD Connector support MFA

A

Using a RADIUS based MFA server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What AD features does Simple AD support?

A

User Accounts, Groups, Group Policies, Domains, Kerberos SSO

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Does Simple AD support MFA? Does it support Trust Relationships?

A

No to both

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

NACL & SG: Which is Stateful and Stateless

A

NACL is Stateless
SG is Stateful

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What’s the difference between a Stateful and Stateless Firewall?

A

Stateful remembers connections, Stateless doesn’t.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Do NACL’s and SG’s support outbound rules?

A

NACL’s do
SG’s don’t

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are Ephemeral Ports and what is their port range?

A

Ports that are open one at a time for unique visitor requests. Port range is 1024 – 65535

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Describe CloudHSM

A

Physical client-provided encryption encryption key device for generating RSA and AES signatures. Required to pass FIPS 140-2 Level 3 compliance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Describe AWS KMS

A

Tool for Creating, Storing, Managing, and Auditing encryption keys within AWS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What’s the difference between CloudWatch and CloudTrail

A

CloudWatch tracks resource usage (like Zabbix). CloudTrail tracks API calls made within AWS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly