184. DDoS Protection: WAF and Shield

0.0(0)
studied byStudied by 0 people
GameKnowt Play
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/4

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

5 Terms

1
New cards

AWS Shield Standard

protects against DDOS attack for your website and applications, for all customers at no additional costs

• Free service that is activated for every AWS customer

• Provides protection from attacks such as SYN/UDP Floods, Reflection attacks and other layer 3/layer 4 attacks

2
New cards

AWS Shield Advanced

24/7 premium DDoS protection

• Optional DDoS mitigation service ($3,000 per month per organization)

• Protect against more sophisticated attack on Amazon EC2, Elastic Load Balancing (ELB), Amazon CloudFront, AWS Global Accelerator, and Route 53

• 24/7 access to AWS DDoS response team (DRP)

• Protect against higher fees during usage spikes due to DDoS

3
New cards

AWS Web Application Firewall

Filter specific requests based on rules

• Protects your web applications from common web exploits (Layer 7) • Layer 7 is HTTP (vs Layer 4 is TCP)

• Deploy on Application Load Balancer, API Gateway, CloudFront

4
New cards

Define Web ACL

Web Access Control List

5
New cards

Web Access Control List

• Rules can include IP addresses, HTTP headers, HTTP body, or URI strings

• Protects from common attack - SQL injection and Cross-Site Scripting (XSS)

• Size constraints, geo-match (block countries)

• Rate-based rules (to count occurrences of events) – for DDoS protection