You are running a web-application on AWS consisting of the following components an Elastic Load Balancer
(ELB) an Auto-Scaling Group of EC2 instances running Linux/PHP/Apache, and Relational DataBase Service
(RDS) MySQL.
Which security measures fall into AWS’s responsibility?
A.
Protect the EC2 instances against unsolicited access by enforcing the principle of least-privilege access
B.
Protect against IP spoofing or packet sniffing
C.
Assure all communication between EC2 instances and ELB is encrypted
D.
Install latest security patches on ELB. RDS and EC2 instances
Answer is B
https://d0.awsstatic.com/whitepapers/aws-security-whitepaper.pdf
1
0
B
The rest A,C,D is your responsibility.
0
0
B cos AWS owns the SDN
D cos AWS owns the underlying OS/hypervisor for these services and customers cannot access these
0
0
Its B. See http://jayendra-patil.blogspot.com.br/2016/03/aws-security-whitepaper-overview.html
0
0
It’s B&D
both network layer and patches on managed services are handled by AWS.
Up to customer to make security rules and encrypt their data.
0
0
B
0
0
B
0
0
B
0
0
B.
Not D b’cas- AWS patches everything not just ELB. Would have preferred D – if said ‘everything’, as prevention of ‘sniffing’ etc is part of AWS design, they don’t have to do anything (ongoing) unlike patches which is ongoing
0
0
B.
Protect against IP spoofing or packet sniffing
0
0