Topic 1 Question 205
A company needs to protect against potential botnet command and control traffic from any Amazon EC2 instances that is in in the company’s AWS Environment.
Which solution will meet these requirements?
Use AWS Shield Advanced. Activate Shield Advanced protections on the EC2 instances to filter and block botnet traffic.
Use Amazon Route 53 Resolver DNS Firewall. Add a rule to a rule group to use the AWSManagedDomainsBotnetCommandandControl managed domain list with an action to block botnet traffic.
Use AWS WAF Bot Control. Configure a managed rule group that uses an AWS managed rule set to block botnet traffic.
Use AWS Systems Manager. Run a Systems Manager Automation runbook on the EC2 instances to configure the instances to block botnet traffic.
ユーザの投票
コメント(7)
- 正解だと思う選択肢: B👍 3luisgu2024/09/03
- 正解だと思う選択肢: B
The question talks about "botnet command and control traffic". The most common and effective way to intercept such traffic is at the DNS level, where many botnets rely on domain names to communicate with their C2 servers. The Amazon Route 53 Resolver DNS Firewall is specifically designed to block DNS queries to known malicious domains, including those used for botnet C2 traffic. If it was application-level traffic AWS WAF Bot Control would apply.
👍 2Cacheirez2024/08/13 - 正解だと思う選択肢: B
Amazon Route 53 Resolver DNS Firewall with the AWSManagedDomainsBotnetCommandandControl managed rule group:
Scalable and Managed: Automatically updates the list of known botnet domains. Preemptive Blocking: Prevents EC2 instances from resolving malicious domains. Low Operational Overhead: Easy to implement and maintain.👍 2woorkim2024/12/15
シャッフルモード