183. Shared Responsibility Model: Reminders and Examples

0.0(0)
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/10

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

11 Terms

1
New cards

AWS responsibility

Security of the Cloud

2
New cards

Protecting infrastructure (hardware, software, facilities, and networking) that runs all the AWS services

AWS

3
New cards

Managed services like S3, DynamoDB, RDS, etc.

AWS

4
New cards

Customer responsibility

Security in the Cloud

5
New cards

For EC2 instance, customer is responsible for management of the guest OS (including security patches and updates), firewall & network configuration, IAM

You

6
New cards

Encrypting application data

You

7
New cards

Patch Management, Configuration Management, Awareness & Training

You and AWS

8
New cards

RDS

ā€¢ Manage the underlying EC2 instance, disable SSH access

ā€¢ Automated DB patching

ā€¢ Automated OS patching

ā€¢ Audit the underlying instance and disks & guarantee it functions

AWS

9
New cards

RDS

ā€¢ Check the ports / IP / security group inbound rules in DBā€™s SG

ā€¢ In-database user creation and permissions

ā€¢ Creating a database with or without public access

ā€¢ Ensure parameter groups or DB is configured to only allow SSL connections

ā€¢ Database encryption setting

You

10
New cards

S3

ā€¢ Guarantee you get unlimited storage

ā€¢ Guarantee you get encryption

ā€¢ Ensure separation of the data between different customers ā€¢ Ensure AWS employees canā€™t access your data

AWS

11
New cards

S3

ā€¢ Bucket configuration

ā€¢ Bucket policy / public setting

ā€¢ IAM user and roles

ā€¢ Enabling encryption

You