Aws Security

Front 1

What is the AWS shared responsibility model?

Back 1

• AWS Provide the security
• You are responsible for using it to protect the integrity/confidentiality of your customers data

Front 2

What is an ISMS, and what is its significance?

Back 2

Information Security Management System - this can be thought of as a domain where you own a part and AWS owns a part

Front 3

Which 3 parts are WE broadly responsible for keeping secure across the AWS set of technology?

Back 3

• Operating systems (must patch)
• Platforms
• Data

Front 4

Which types of services can have security applied?

Back 4

• Infrastructure services (E.g. EC2)
• Container
• Abstracted Services

Front 5

In the example of EC2, what would AWS be responsible for keeping secure?

Back 5

• The facilities (data must be available since DoS is one kind of vulnerability)
• Network Infrastructure
• Virtualization Infrastructure
• Physical security of the hardware itself

Front 6

In the example of EC2, what 7 things would we be responsible for securing, or using to secure?

Back 6

• Data in transit
• Data at rest
  
• Data stores (i.e. the databases)
  
• Credentials
• Policies
• O/S
• AMIS

Front 7

What is IAM?

Back 7

The service to manage users/groups, credentials and permission policies

Front 8

What are access keys used for?

Back 8

Programmatic interaction with the API (via SDK or CLI)

Front 9

What are infrastructure services defined as? Which level of technology must we keep secure?

Back 9

• Compute Services provided by AWS.
  
• You control the AMI to instantiate the services, and the OS it will run on (by virtue of choosing the AMI)

Front 10

What are containers services defined as? Which level of technology must we keep secure?

Back 10

• Services where you don't need to manage the OS as the service is running in a container provided by Amazon.
  
• You do need to worry about network rules and identity management

Front 11

What are abstracted services?

Back 11

• Technologies that don't even give you an option of where to run on, things like S3 and Dynamo DB.
  
• You only have to care about securing access to these, not the network rules.

Front 12

EC2 instances allow access via SSH when they you create one from an AMI - how is this different from access keys?

Back 12

These are for access to the operating system of the EC2 instance, not to the AWS API

Front 13

What security options do I have the option of when using infrastructure services to secure user data?

Back 13

• Client side encryption
• Server side encryption

Front 14

What security options do I have the option of when using infrastructure services to access a given set of resources?

Back 14

• Network traffic protection

Front 15

With container services, AWS takes responsibility for the infrastructure AND the O/S. What must you set up?

Back 15

• Security Groups and firewall rules
• Data protection by encryption
  

Front 16

When it comes to abstracted services, there is very little left for us to configure. What options are we left with to secure these kinds of resources?

Back 16

• Data protection by encryption
• IAM to stop unauthorised access to a resource

Front 17

What is the Trusted Advisor tool?

Back 17

A tool for analysing your security configuration for mistakes and optimisation opportunities

Front 18

What would the AWS account be defined as?

Back 18

The account that represents a relationship between you and AWS - where the billing gets done.

Front 19

What are IAM users and their relationship to the AWS account? There are 2 parts to the answer.

Back 19

• The AWS account will create IAM users.
  
• IAM users can be humans, AWS services, or applications
  

Front 20

What is the best practice for creating users?

Back 20

One IAM user per individual, i.e. no two people sharing an AWS identity.

Front 21

What is the best practice for the permissions of a user?

Back 21

• Use permissions to grant only what a user needs to do (least privilege)
  
• Place users in groups to avoid having to set them individually

Front 22

What is a policy?

Back 22

The mapping between a resource (e.g. EC2 instance, S3 bucket) and a set of permissions on that resource

Front 23

How do IAM roles with temporary credentials work?

Back 23

• A locked down role is defined and configured
• User/applications/services are allowed to assume this role ad-hoc
  
• The *role* gives the caller temporary credentials.
  

Front 24

How would an IAM role work with temp credentials allow an EC2 resource access to read from an S3 bucket?

Back 24

• Admin creates role with a policy on that bucket to allow reads
• The role also has a policy that allows a developer to launch the role using an EC2 instance
  
• Application running on the EC2 instance gets temp credentials from the role
• Using these temp credentials, the S3 bucket is access by the application
  

Front 25

How do IAM roles work to allow cross-account access?

Back 25

You create a policy in your AWS account that allow access to a subset of your resources to another AWS Account

Front 26

How do IAM roles work with federated access?

Back 26

• User goes to broker store
• Broker authenticates user with corp identity store
• Broker takes authenticated user and uses their identity to get a temp set of credentials from AWS STS
• With the token they can then get a temp url to access the AWS API or Management console
  
  

Front 27

What kind of policies are there to authorise access to a resource?

Back 27

• Resource polices - AWS user allows IAM users access to a specific resource
• Capability policies - IAM Users are given capabilities - which may override resource based policies

Front 28

Which 5 strategies are there for protecting data at rest and what are their use cases?

Back 28

• Permissions - only allow access to the right individuals
  
• Versioning - allow roll-backs in case the data is corrupted.
  
• Replication - Provide more availability if one instance goes down
• Backup - Alternative to versioning and replication
  
• Encryption - stop the data being seen.
  

Front 29

Which strategies are there for protecting data in transit and what is their use case?

Back 29

• HTTPS
• Offload SSL/HTTPS processing onto load balancers instead of the web servers themselves (computationally expensive so a performance hit)
• Use TLS on database server traffic
  

Front 30

What is VPC used for?

Back 30

You can build private clouds within the AWS public cloud

Front 31

If I want to ensure my VPC isn't reachable from the internet, how can I achieve this?

Back 31

Use a private subnet. e.g a 172. or 10. space as per RFC 1918

Front 32

If I want to allow internet connections to say EC2 instances, but not to the DB server behind it, how can I achieve this?

Back 32

Create a VPC just for the EC2 instances, and then allocate an elastic IP address to those (TBC)

Front 33

What is the concept of an security zones vs a traditional network segment ?

Back 33

• A security zone is a logical grouping (components with similar security levels are grouped)
  
• A network segment is physical (components are assigned an address within an isolated subnet )
  

Front 34

What 6 methods are there to control access to network segments?

Back 34

• Make networks isolated using a VPC
• Use security groups to apply common policies to access of components within that group
• Use Network Access Control lists to block at the IP level
• Use host based firewalls
• Use a threat protection layer
• Apply access controls (e.g IAM and credentials)
  

Front 35

What are ACLS and how do they work?

Back 35

They are an additional layer of security for a network VPC. You modify this to tighten/relax access

Front 36

What is a threat protection layer?

Back 36

An extra level of servers between your apps and the ELB.