Which security measures fall into AWS’s responsibility?

You are running a web-application on AWS consisting of the following components an Elastic Load Balancer
(ELB) an Auto-Scaling Group of EC2 instances running Linux/PHP/Apache, and Relational DataBase Service
(RDS) MySQL.
Which security measures fall into AWS’s responsibility?

You are running a web-application on AWS consisting of the following components an Elastic Load Balancer
(ELB) an Auto-Scaling Group of EC2 instances running Linux/PHP/Apache, and Relational DataBase Service
(RDS) MySQL.
Which security measures fall into AWS’s responsibility?

A.
Protect the EC2 instances against unsolicited access by enforcing the principle of least-privilege access

B.
Protect against IP spoofing or packet sniffing

C.
Assure all communication between EC2 instances and ELB is encrypted

D.
Install latest security patches on ELB. RDS and EC2 instances

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *

w00f

w00f

B

The rest A,C,D is your responsibility.

Reply

ghost

ghost

B cos AWS owns the SDN
D cos AWS owns the underlying OS/hypervisor for these services and customers cannot access these

Reply

VERGEBLAZE

VERGEBLAZE

It’s B&D

both network layer and patches on managed services are handled by AWS.

Up to customer to make security rules and encrypt their data.

Reply

Sam T

Sam T

B.
Not D b’cas- AWS patches everything not just ELB. Would have preferred D – if said ‘everything’, as prevention of ‘sniffing’ etc is part of AWS design, they don’t have to do anything (ongoing) unlike patches which is ongoing

Reply

charm

charm

B.
Protect against IP spoofing or packet sniffing

Reply