Amazon Exam SAA-C02 Topic 6 Question 27 Discussion

Actual exam question for Amazon's SAA-C02 exam

Question #: 27
Topic #: 6

A solutions architect is performing a security review of a recently migrated workload. The workload is a web application that consists of Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer. The solutions architect must improve the security posture and minimize the impact of a DDoS attack on resources

Which solution is MOST effective?

AConfigure an AWS WAF ACL with rate-based rules Create an Amazon CloudFront distribution that points to the Application Load Balancer Enable the WAF ACL on the CloudFront distribution

BCreate a custom AWS Lambda function that adds identified attacks into a common vulnerability pool to capture a potential DDoS attack Use the identified information to modify a network ACL to block access

CEnable VPC Flow Logs and store them in Amazon S3 Create a custom AWS Lambda function that parses the togs looking for a DDoS attack Modify a network ACL to block identified source IP addresses

DEnable Amazon GuardDuty and configure findings written to Amazon CloudWatch Create an event with CloudWatch Events for DDoS alerts that triggers Amazon Simple
Notification Service (Amazon SNS) Have Amazon SNS invoke a custom AWS Lambda function that parses the logs looking for a DDoS attack Modify a network ACL to block identified source IP addresses

Show Suggested Answer

Suggested Answer: D

by Hermila at Jun 26, 2022, 04:27 PM

Limited Time Offer

25%

Off

Get Premium SAA-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!