A construction firm has stored all its project documents in the Amazon S3 bucket with external vendors accessing this data on a need basis.
The Security Team performs an audit for this access & is looking for cryptographic protocols used by vendors to access this data.
Which of the following can help to collect this data?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer - A.
Amazon S3 Server Access Logs can be used to record the following fields.
· Bucket Owner.
· Bucket.
· Time.
· Remote IP.
· Requestor.
· Request ID.
· Operation.
· Key.
· Request-URI.
· HTTP Status.
· Error Code.
· Bytes Sent.
· Object Size.
· Total Time.
· Turn-Around Time.
· Referer.
· User-Agent.
· Version Id.
· Host Id.
· Signature Version.
· Cipher Suite.
· Authentication Type.
· Host Header.
· TLS version.
Option B is incorrect as Cipher Suite will provide details of SSL negotiated for HTTPS request to S3.
Option C is incorrect as the Host Header provides details of the endpoint used to connect Amazon S3.
Option D is incorrect as it provides details of the signature version used for connection.
For more information on the Amazon S3 Access Logging format, refer to the following URL-
https://docs.aws.amazon.com/AmazonS3/latest/dev/LogFormat.htmlThe construction firm has stored all project documents in Amazon S3, and external vendors are accessing the data on a need basis. The Security Team wants to collect information on the cryptographic protocols used by the vendors to access this data. To collect this data, the Security Team can enable server access logging, and check different aspects of the requests.
Option A suggests enabling server access logging and checking the Transport Layer Security (TLS) version for all requests. TLS is a protocol that provides privacy and data integrity between two communicating applications. By checking the TLS version for all requests, the Security Team can determine which cryptographic protocol was used by the vendors to access the data. This option is a possible solution.
Option B suggests enabling server access logging and checking the Cipher Suite for all requests. A Cipher Suite is a set of cryptographic algorithms used to secure a network connection. By checking the Cipher Suite for all requests, the Security Team can determine which cryptographic protocol was used by the vendors to access the data. This option is a possible solution.
Option C suggests enabling server access logging and checking the Host Header for all requests. The Host Header is a part of the HTTP request that specifies the domain name of the server that is being accessed. Checking the Host Header for all requests will not provide any information on the cryptographic protocols used by the vendors to access the data. This option is not a valid solution.
Option D suggests enabling server access logging and checking the Signature Version for all requests. Signature Version is a feature used to sign requests in Amazon S3. Checking the Signature Version for all requests will not provide any information on the cryptographic protocols used by the vendors to access the data. This option is not a valid solution.
In conclusion, options A and B are valid solutions, whereas options C and D are not. Therefore, the Security Team can enable server access logging and check the TLS version or Cipher Suite for all requests to collect the data on cryptographic protocols used by vendors to access data stored in Amazon S3.