Practice Test
True or False: In AWS, you are solely responsible for protecting your infrastructure from external threats like DDoS and SQL injection.
- True
- False
Answer: True
Explanation: This is in line with the shared responsibility model of AWS. AWS is responsible for the security ‘of’ the cloud, while customers are responsible for security ‘in’ the cloud which includes protecting against threats like DDoS and SQL injection.
Which of these practices can help protect against SQL injection attacks in your AWS environment?
- a. Regular security patch updates
- b. Input validation
- c. Principle of least privilege
- d. All of the above
Answer: d. All of the above
Explanation: All these practices contribute to securing your AWS environment. Regular updates and patching reduce vulnerability to attacks, input validation prevents malicious data from passing through, and following the principle of least privilege ensures that users/systems only have access to necessary information/resources.
AWS Shield is a service primarily designed to help protect against which type of external threat?
- a. DDoS attacks
- b. SQL Injection
- c. Brute Force attack
- d. Phishing attacks
Answer: a. DDoS attacks
Explanation: AWS Shield is a managed distributed denial of service (DDoS) protection service that safeguards applications and data on AWS.
True or False: You can completely eliminate the risk of DDoS and SQL injection attacks on your AWS infrastructure by using AWS services.
- True
- False
Answer: False
Explanation: No system or solution can entirely eliminate the risk of these threats. However, AWS services and best practices can significantly reduce and manage these risks.
Which among these AWS services helps in mitigating SQL Injection attacks?
- a. AWS Inspector
- b. AWS WAF
- c. AWS Macie
- d. AWS GuardDuty
Answer: b. AWS WAF
Explanation: AWS WAF is a web application firewall that helps protect web applications from common web exploits, including SQL injection attacks.
True or False: Using HTTPS for your sites hosted on AWS can mitigate the risk of DDoS attacks.
- True
- False
Answer: False
Explanation: While HTTPS adds a layer of security, it does not specifically protect against DDoS attacks. Services like AWS Shield are designed to mitigate DDoS threats.
Which of the following third-party tools can protect against external threats to AWS?
- a. Imperva Incapsula
- b. Google Cloud Armor
- c. Microsoft Azure SQL Database
- d. Salesforce Shield
Answer: a. Imperva Incapsula
Explanation: Imperva Incapsula is a cloud-based application delivery service that protects against various external threats including DDoS and SQL injection.
True or False: AWS inherently protects your applications against SQL Injection.
- True
- False
Answer: False
Explanation: While AWS provides services like AWS WAF to protect against SQL injection, it doesn’t inherently protect your applications. It’s always necessary to follow best practices to prevent any attacks.
DDoS attacks focus on _______________ in your AWS environment.
- a. Consuming excessive resources
- b. Exploiting application vulnerabilities
- c. Stealing user credentials
Answer: a. Consuming excessive resources
Explanation: DDoS attacks primarily aim to overwhelm your system’s resources, making your services unavailable to legitimate users.
SQL injection attacks typically target which layer of your AWS stack?
- a. Application layer
- b. Network layer
- c. Infrastructure layer
Answer: a. Application layer
Explanation: SQL injection attacks occur when an attacker attempts to manipulate your application to interact with the database in ways you did not intend, which is in the application layer of your AWS stack.
Interview Questions
What is a DDoS attack?
A DDoS (Distributed Denial of Service) attack is a malicious attempt to disrupt the normal functioning of a network, service, or website by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
How does AWS handle DDoS attacks?
AWS uses AWS Shield – a managed DDoS protection service that safeguards applications running on AWS. AWS Shield provides automatic DDoS detection and mitigation allowing applications to maintain their performance and availability.
What is SQL injection?
SQL Injection is a code injection technique that attackers can use to insert malicious SQL statements into input fields for execution. The attack can lead to unauthorized viewing of data, data manipulation, and even data deletion.
What are some practices AWS recommends to prevent SQL injection attacks?
To prevent SQL Injection attacks, AWS recommends using parameterized queries, using stored procedures, limiting database permissions, and regularly updating and patching systems.
What is the purpose of AWS WAF?
AWS WAF (Web Application Firewall) helps to protect web applications from common web exploits such as SQL injection and Cross-Site Scripting (XSS) that could affect application availability, compromise security, or consume excessive resources.
What is Threat Vector in the context of cybersecurity?
A Threat Vector is a path that a threat takes to breach a computer system or network. Common threat vectors include email, web, and cloud.
How can Amazon RDS help minimize the risk of SQL injection?
Amazon RDS can help minimize the risk of SQL injection by using parameter markers in SQL statements, implementing strict web form validation, and limiting the privileges of database accounts used by web applications.
Is AWS Shield capable of dealing with DDoS attacks?
Yes, AWS Shield is specifically designed to handle DDoS attacks, providing automatic DDoS detection and protections that minimize application downtime and latency.
How can AWS GuardDuty help in threat detection?
AWS GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect AWS accounts and workloads. It identifies unusual or unauthorized activity like crypto-currency mining, data exfiltration or instances in a VPC behaving anomalously.
What is the role of Amazon Macie in data security?
Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data like Personally Identifiable Information (PII). It helps to identify potential data loss and unauthorized access to data.
Can AWS Inspector assist in identifying security vulnerabilities?
Yes, Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS by identifying potential security issues, unwanted network exposure, and deviations from best practices.
What are some of the methods used in a DDoS attack?
Common methods used in a DDoS attack include flooding the network with traffic, often from a botnet of zombie computers, as well as exploiting system vulnerabilities to cause high CPU usage and render the target system ineffective.
How does AWS help in DDoS mitigation?
AWS provides a variety of services and features for DDoS mitigation, including AWS Shield for automatic DDoS detection and mitigation, elastic load balancing to distribute traffic, and Amazon CloudFront and AWS Route 53 to absorb attacks at the edge locations.
What is the role of AWS CloudTrail in security?
AWS CloudTrail is a service that records AWS account activity for security analysis, resource change tracking, and compliance auditing. It records details of all API calls made on your account and delivers log files to an Amazon S3 bucket.
How can AWS VPC assist in security?
Amazon Virtual Private Cloud (VPC) allows users to provision a logically isolated section of the AWS Cloud where they can launch AWS resources in a virtual network that they define. It provides complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. This helps in enhancing the security of the data and applications.
extutorials.com