Topic 1 Question 35
A company is preparing to launch a public-facing web application in the AWS Cloud. The architecture consists of Amazon EC2 instances within a VPC behind an Elastic Load Balancer (ELB). A third-party service is used for the DNS. The company's solutions architect must recommend a solution to detect and protect against large-scale DDoS attacks. Which solution meets these requirements?
Enable Amazon GuardDuty on the account.
Enable Amazon Inspector on the EC2 instances.
Enable AWS Shield and assign Amazon Route 53 to it.
Enable AWS Shield Advanced and assign the ELB to it.
ユーザの投票
コメント(16)
- 正解だと思う選択肢: D
AWS Shield Advanced provides expanded DDoS attack protection for your Amazon EC2 instances, Elastic Load Balancing load balancers, CloudFront distributions, Route 53 hosted zones, and AWS Global Accelerator standard accelerators.
👍 19BoboChow2022/10/13 - 正解だと思う選択肢: D
Answer is D C is incorrect because question says Third party DNS and route 53 is AWS proprietary
👍 19ninjawrz2022/10/14 - 正解だと思う選択肢: D
The correct answer is D: Enable AWS Shield Advanced and assign the ELB to it.
AWS Shield is a service that provides DDoS protection for your AWS resources. There are two tiers of AWS Shield: AWS Shield Standard and AWS Shield Advanced. AWS Shield Standard is included with all AWS accounts at no additional cost and provides protection against most common network and transport layer DDoS attacks. AWS Shield Advanced provides additional protection against more complex and larger scale DDoS attacks, as well as access to a team of DDoS response experts.
To detect and protect against large-scale DDoS attacks on a public-facing web application hosted on Amazon EC2 instances behind an Elastic Load Balancer (ELB), you should enable AWS Shield Advanced and assign the ELB to it. This will provide advanced protection against DDoS attacks targeting the ELB and the EC2 instances behind it.
👍 6Buruguduystunstugudunstuy2022/12/19
シャッフルモード