Shield Flashcards
Shield
TL;DR for Shield?
Protects against DDoS attacks
Shield
Two flavors of Shield?
Standard and Advanced
Shield
Three types of DDoS attacks?
Volumetric attacks, protocol attacks, application layer attacks
Shield
What are Volumetric attacks?
Just saturate the incoming pipe so no other packets can get in
Shield
What OSI layer are volumetric attacks?
L3 (just throwing tons of anything at the target IP)
Shield
What are Protocol attacks (example)?
TCP SYN flood
Shield
What OSI layer are protocol attacks?
L4 (TCP specifically in this case)
Shield
Simplest possible L4 protocol attack?
Just open a ton of connections, but don’t do anything on them
Shield
What are Application Layer attacks?
Attack at the L7 protocol, like HTTP (web request flood)
Shield
Simple example of an Application Layer attack?
Flood server with “…?search=cat|dog|elephant|pony|…”
Shield
Why is the sample App Layer attack a thing?
Easy to send millions, server expends lots of resources searching for each request
Shield
Cost structure of Shield?
Standard is free, Advanced costs
Shield
What does Shield sit in front of?
VPC or Edge things
Shield Standard
What does Shield Standard protect against?
Common L3 and L4 attacks
Shield Standard
How do you configure Shield?
Don’t really. No knobs to turn, it just does it’s thing.