AWS Security Awareness Training Quiz

Maintaining an inventory of network devices is considered a best practice for security because it allows organizations to have a comprehensive understanding of their network infrastructure. By keeping track of all network devices, including routers, switches, and firewalls, organizations can easily identify any unauthorized or rogue devices that may pose a security risk. Additionally, having an inventory helps with managing software updates, patches, and vulnerabilities, ensuring that all devices are up to date and secure. This practice also aids in incident response and troubleshooting, as organizations can quickly locate and address any issues with specific network devices.

IDS stands for Intrusion Detection System. This system is designed to monitor network traffic and detect any unauthorized or suspicious activities that may indicate a security breach or intrusion. It helps in identifying potential threats and taking appropriate actions to prevent them. Therefore, the correct answer is Intrusion Detection System.

The given statement is false because Amazing Web Services installs multiple firewalls in multiple locations. This ensures that their clients' systems are well-protected from potential threats and attacks. By having multiple firewalls in different locations, they can create a layered defense system that enhances security and reduces the risk of unauthorized access or breaches.

All of the above network protocols should be restricted because they pose security risks. Telnet, rlogin, and rsh are insecure protocols that transmit data in clear text, making it easy for attackers to intercept sensitive information. FTP and anonymous FTP allow unauthorized access to files and can be exploited by attackers. TFTP is also insecure and lacks authentication mechanisms. P2P (peer-to-peer) networks can facilitate the unauthorized sharing of copyrighted material and can expose users to malware. IRC and instant messaging can be used for malicious activities and can also expose users to phishing attempts and malware.

The statement "IDS signatures never need to be updated" is false. IDS (Intrusion Detection System) signatures are used to identify and detect specific patterns or behaviors associated with known attacks or vulnerabilities. As new threats emerge, it is necessary to update the signatures to ensure that the IDS can effectively detect and respond to the latest attacks. Regular updates are essential to keep the IDS up-to-date and capable of detecting new and evolving threats. Therefore, the correct answer is false.

AWS uses ingress and egress filtering to control data coming into and going out of the network. Ingress filtering refers to the process of filtering incoming data packets to ensure that they meet certain criteria or security policies before allowing them into the network. On the other hand, egress filtering involves filtering outgoing data packets to prevent unauthorized or malicious traffic from leaving the network. These filtering mechanisms help enhance network security by allowing only authorized and safe traffic to enter or leave the network.

All of the reasons listed in the options are valid reasons to NOT notify law enforcement in the event of a data breach. Control of the information, information systems, facilities, and flow of information is a concern because involving law enforcement may result in loss of control over the investigation and potential dissemination of sensitive information. Publicity is a concern because notifying law enforcement may attract unwanted attention and damage the reputation of the company. The risk of continued hacking or malware activities is a valid concern as involving law enforcement may alert the perpetrators and lead to further attacks. The risk of equipment seizure and interruption to business during an investigation is a valid concern as it may disrupt normal operations. Legal protections that apply to the alleged perpetrator regarding unreasonable search is also a valid concern as it may lead to legal complications.

The network diagram for AWS network assets must include major network zones and primary services, wireless network connection points, and remote network connection points. This is because these elements are essential for understanding the overall network architecture and connectivity within the AWS environment. Workstations, on the other hand, are not typically included in network diagrams as they are end-user devices and do not directly affect the network infrastructure.

WPA2 is the most secure and widely used encryption protocol for wireless connections. It provides strong encryption and authentication, making it difficult for hackers to intercept or crack the wireless traffic. Other encryption protocols like WEP and WPA have been proven to be vulnerable to various attacks. Therefore, it is recommended to use WPA2 to ensure the confidentiality and integrity of wireless communications.

The training covered the domain of networks, specifically LAN, LAN-to-WAN, and WAN. This means that the training focused on teaching about the different types of networks and how they are connected, including local area networks (LAN), LAN-to-wide area network (WAN) connections, and wide area networks (WAN). The training likely included topics such as network protocols, network architecture, network security, and troubleshooting network issues.

Proxies are used to monitor web browsing and file transfers for users to limit dangerous or inappropriate network activities. Proxies act as intermediaries between users and the internet, allowing them to access websites and transfer files while also providing a layer of control and security. By monitoring the traffic passing through the proxy server, administrators can enforce restrictions, filter out malicious content, and prevent unauthorized access to certain websites or files. This helps to ensure a safer and more controlled browsing experience for users within a network.

Telnet is not recommended for use on AWS for connecting to remote systems. AWS recommends using Secure Shell (SSH) for secure remote login and command execution. Telnet is an unencrypted protocol, which means that any data sent over the network can be intercepted and read by attackers. SSH, on the other hand, provides encryption and secure authentication, making it a safer option for remote connections on AWS. Therefore, the correct answer is False.

"Amazing Web Services periodically scans for rogue devices on the network" means that the web services regularly search for unauthorized or malicious devices that may have connected to the network without permission. These devices are commonly referred to as "rogue" devices because they are not part of the authorized network infrastructure. By scanning for these rogue devices, the web services can identify and address any potential security threats or vulnerabilities.

The security group will conduct periodic scans for wireless devices in the spectrum. This means that they will be checking for any wireless devices operating within a specific range of frequencies. By conducting these scans, the security group can identify any unauthorized or potentially malicious wireless devices that may pose a threat to the network.

Remote access connections to AWS must be approved and secured. This means that before any remote access connection is established, it must go through an approval process to ensure that it meets the necessary requirements and is authorized. Additionally, these connections must be secured to protect sensitive data and prevent unauthorized access. Security measures such as encryption, authentication, and access controls should be implemented to ensure the confidentiality, integrity, and availability of the remote access connections.