Shield Flashcards

1
Q

Shield

TL;DR for Shield?

A

Protects against DDoS attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Shield

Two flavors of Shield?

A

Standard and Advanced

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Shield

Three types of DDoS attacks?

A

Volumetric attacks, protocol attacks, application layer attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Shield

What are Volumetric attacks?

A

Just saturate the incoming pipe so no other packets can get in

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Shield

What OSI layer are volumetric attacks?

A

L3 (just throwing tons of anything at the target IP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Shield

What are Protocol attacks (example)?

A

TCP SYN flood

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Shield

What OSI layer are protocol attacks?

A

L4 (TCP specifically in this case)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Shield

Simplest possible L4 protocol attack?

A

Just open a ton of connections, but don’t do anything on them

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Shield

What are Application Layer attacks?

A

Attack at the L7 protocol, like HTTP (web request flood)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Shield

Simple example of an Application Layer attack?

A

Flood server with “…?search=cat|dog|elephant|pony|…”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Shield

Why is the sample App Layer attack a thing?

A

Easy to send millions, server expends lots of resources searching for each request

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Shield

Cost structure of Shield?

A

Standard is free, Advanced costs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Shield

What does Shield sit in front of?

A

VPC or Edge things

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Shield Standard

What does Shield Standard protect against?

A

Common L3 and L4 attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Shield Standard

How do you configure Shield?

A

Don’t really. No knobs to turn, it just does it’s thing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Shield Advanced

Cost for Shield Advanced?

A

Around $3,000 per month, one year lock-in

17
Q

Shield Advanced

I can’t afford Shield Advanced for my whole company!

A

Cost is per AWS Organization, so covers lots of AWS accounts

18
Q

Shield Advanced

What does Shield Advanced cover?

A

Covers CloudFront, R53, Global Accelerator, anything on an EIP (LBs, EC2)

19
Q

Shield Advanced

What protections are enabled by default for Shield Advanced?

important

A

Not automatic - must explicit enable

20
Q

Shield Advanced

How does Shield Advanced save you money?

A

Protects from an attack cauing an ASG maxing out EC2

21
Q

Shield Advanced

What do you do if you discover an attack that caused ASG to go wild?

A

Shield Advanced has Cost Protection – avoid the charges

22
Q

Shield Advanced

How does Shield Advanced help you operationally?

A

Shield Response Team available and proactively tells you when you’re in duress

23
Q

Shield Advanced

How does Shield Advanced work, techncially?

A

Uses WAF for L7 filtering

24
Q

Shield Advanced

What cool thing is on the Shield web console?

A

Real-time visibility into DDoS attacks

25
Q

Shield Advanced

How does Shield Advanced stop application-layer attacks?

A

Uses WAF