Security & Encryption Flashcards
What is AWS WAF? What resources can the service be deployed with (5 total)?
WAF == ‘Web Application Firewall’. WAF is a service for protecting web-based applications from common exploits performed over HTTP (layer 7) using access control lists (ACLs).
WAF can be deployed on any of the following resources located in the same region:
-CloudFront (Global)
-API Gateway
-Cognito User Pool
-AWS App Runner
-Application Load Balancers
What is a Web ACL? What is a rule group? What is the default WAF action (allow/block) for incoming requests over HTTP?
Web ACL == ‘Web Access Control List’ which is a set of rules used to determine what traffic is allowed/blocked for AWS resources on which a WAF has been deployed.
WAF can be configured to either allow or block all incoming traffic for which a rule has not been explicitly defined.
A rule group is a reusable set of pre-defined rules which can be attached to multiple Web ACLs simultaneously.
List 4 different features of WAF and how they are used to protect against common web exploits.
1) Scans HTTP headers, bodies, and URI strings to protect against SQL injection and cross-site scripting (XSS) attacks.
2) Size constraints for blocking large request packets.
3) Geo-matching constraints for restricting requests from specific countries.
4) Rate-based rules for counting request frequency (DDoS protection).