AWS Security Questionnaire
Secure Configuration
Are you ensuring that CloudFront distributions use HTTPS?
Are you restricting access to the CloudTrail bucket?
Are you encrypting CloudTrail bucket logs at rest?
Are you encrypting EBS Database?
Are you using roles to provision resources using IAM?
How are you making sure that EC2 security groups do not have a large number of ports open?
How are you making sure that only secure SSL ciphers are being used for connections between the client and the ELB?
Is encryption of RDS automated?
How are you making sure that access keys are not being used with root accounts?
Are you enabling the require_ssl parameter in all Redshift clusters?
Are SSH keys rotated periodically?
Is there a process in place to remove unused access keys, IAM users and SSH keys?
Infrastructure Security
Are you using an antimalware solution for EC2 instances?
Are you using AWS Shield to protect against DDoS attacks?
Is there any NIPS solution for traffic hitting the DMZ servers?
Are you using NACLs and security groups for filtering traffic?
Are you using AWS Organizations to control policies for multiple accounts?
Are you using AWS Secrets Manager for encrypting and rotating keys for databases?