Practice Test

True or False: AWS WAF is a web application firewall that helps protect your web applications from common web-based exploits.

  • Answer: True

Explanation: AWS WAF protects your web applications by monitoring HTTP and HTTPS requests coming to your web app. It helps to stop common web attacks by using rules that filter out malicious traffic.

AWS Shield is a managed service that provides protection for what?

  • A. Applications hosted on-premises
  • B. Applications running on AWS
  • C. Both A and B

Answer: C. Both A and B

Explanation: AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS and on-premises.

True or False: Data at rest in an AWS region is not protected by AWS Shield.

  • Answer: True

Explanation: AWS Shield protects applications against DDoS attacks, and those are typically directed at running applications, not data at rest.

With AWS WAF you can filter requests based on what?

  • A. IP addresses
  • B. HTTP headers
  • C. URI strings
  • D. All of the above

Answer: D. All of the above

Explanation: AWS WAF allows you to filter requests based on IP addresses, HTTP headers, and URI strings so that you can block, allow, or monitor (count) calls.

True or False: AWS Shield Advanced provides cost protection, which can help to cover extra data transfer or Amazon CloudWatch charges due to a DDoS attack.

  • Answer: True

Explanation: One of the additional features of AWS Shield Advanced is cost protection, which provides financial protection by covering extra costs incurred during a DDoS attack.

True or False: AWS WAF cannot protect against SQL injection attacks.

  • Answer: False

Explanation: AWS WAF helps to protect against common web exploits that could affect application availability, compromise security, or consume excessive resources, including SQL injection attacks.

AWS WAF is designed to protect which of the following?

  • A. Amazon CloudFront distributions
  • B. Amazon API Gateway APIs
  • C. AWS App Runner services
  • D. All of the above

Answer: D. All of the above

Explanation: AWS WAF can be utilized to protect Amazon CloudFront distributions, Amazon API Gateway APIs, as well as AWS App Runner services.

True or False: AWS Shield should be used for managing access to your AWS resources.

  • Answer: False

Explanation: AWS Shield is specifically designed for DDoS protection. For managing access to AWS resources, you would use services like AWS Identity and Access Management (IAM).

True or False: Invoking an AWS WAF protection requires manual coding.

  • Answer: False

Explanation: AWS WAF is designed with a simple web ACL (Access Control List) wizard that creates web ACLs with a few clicks; no manual coding is required.

True or False: AWS Shield only protects AWS services. Non-AWS services cannot be protected using AWS Shield.

  • Answer: False

Explanation: While AWS Shield is designed to protect applications running on AWS, it also extends DDoS protection to applications running on-premises or in other non-AWS environments when they use AWS Global Accelerator or Amazon CloudFront.

Interview Questions

What is AWS WAF?

AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excess resources.

How can AWS WAF help in securing an application?

AWS WAF gives control over which traffic to allow or block to your applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting.

What is AWS Shield?

AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency.

What benefits can you expect from AWS Shield?

With AWS Shield, you can expect cost-effective protection against larger and more sophisticated attacks, global threat intelligence, and easy-to-use incident management and reporting.

How is AWS WAF integrated with other AWS services?

AWS WAF is integrated with Amazon CloudFront and the Application Load Balancer, services that AWS customers commonly use to deliver content for their websites and applications.

Can AWS Shield be used without AWS WAF?

Yes, AWS Shield can be used independently from AWS WAF. However, combining both services will provide improved security by adding an additional layer of protection against more sophisticated attacks at the application layer.

What are the pricing models of AWS WAF and AWS Shield?

Both AWS WAF and AWS Shield are pay-as-you-go services, meaning you only pay for what you use.

What are the two levels of AWS Shield service?

AWS Shield comes in two levels of service: AWS Shield Standard and AWS Shield Advanced. Shield Standard is automatically included for all AWS customers at no additional cost. Shield Advanced provides additional DDoS mitigation capabilities, cost protection, and 24/7 DDoS response team (DRT) access.

How can AWS Shield protect against larger and more complex attacks?

AWS Shield Advanced provides advanced threat intelligence and 24/7 access to the DDoS response team (DRT), allowing sophisticated analysis of larger and more complex attacks and deployment of appropriate mitigation measures.

What is a web ACL in AWS WAF?

A web access control list (ACL) is a list of rules that you can configure and use to block or allow requests. It can be associated with one or more AWS resources, and each rule includes conditions, actions, and a priority.

How can rate-based rules be used in AWS WAF?

You can use rate-based rules to protect against brute-force login attempts by defining a maximum number of allow or block requests from a single IP address within a 5-minute period.

Can AWS WAF detect and block SQL injection and cross-site scripting attacks?

Yes, AWS WAF can identify patterns of SQL injection and cross-site scripting (XSS) attacks, and can block such requests based on rules defined in a web ACL.

How frequently can WAF rules be updated?

WAF rules can be updated as often as needed, and changes are propagated globally in minutes, providing the flexibility to evolve defence measures and respond quickly to new or changing threats.

What is AWS Firewall Manager?

AWS Firewall Manager is a security management service which allows you to centrally configure and manage AWS WAF rules across your accounts and applications.

What benefits does AWS Firewall Manager provide?

AWS Firewall Manager simplifies your AWS WAF administration by enabling you to deploy rules and protections across multiple accounts and resources with a single interface. It also ensures that new and existing applications and content follow a set of predefined security rules.
