Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam SAA-C03 Topic 2 Question 47 Discussion

Actual exam question for Amazon's SAA-C03 exam
Question #: 47
Topic #: 2
[All SAA-C03 Questions]

A company is building an application in the AWS Cloud. The application is hosted on Amazon EC2 instances behind an Application Load Balancer (ALB). The company uses Amazon Route 53 for the DNS.

The company needs a managed solution with proactive engagement to detect against DDoS attacks.

Which solution will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: D

AWS Shield Advanced is designed to provide enhanced protection against DDoS attacks with proactive engagement and response capabilities, making it the best solution for this scenario.

AWS Shield Advanced: This service provides advanced protection against DDoS attacks. It includes detailed attack diagnostics, 24/7 access to the AWS DDoS Response Team (DRT), and financial protection against DDoS-related scaling charges. Shield Advanced also integrates with Route 53 and the Application Load Balancer (ALB) to ensure comprehensive protection for your web applications.

Route 53 and ALB Protection: By adding your Route 53 hosted zones and ALB resources to AWS Shield Advanced, you ensure that these components are covered under the enhanced protection plan. Shield Advanced actively monitors traffic and provides real-time attack mitigation, minimizing the impact of DDoS attacks on your application.

Why Not Other Options?:

Option A (AWS Config): AWS Config is a configuration management service and does not provide DDoS protection or detection capabilities.

Option B (AWS WAF): While AWS WAF can help mitigate some types of attacks, it does not provide the comprehensive DDoS protection and proactive engagement offered by Shield Advanced.

Option C (GuardDuty): GuardDuty is a threat detection service that identifies potentially malicious activity within your AWS environment, but it is not specifically designed to provide DDoS protection.

AWS Reference:

AWS Shield Advanced - Overview of AWS Shield Advanced and its DDoS protection capabilities.

Integrating AWS Shield Advanced with Route 53 and ALB - Detailed guidance on how to protect Route 53 and ALB with AWS Shield Advanced.


by Salome at Sep 17, 2024, 11:12 AM

Limited Time Offer

25%

Off

Get Premium SAA-C03 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Tawanna
2 months ago
Option D is the way to go, no doubt. It's like having a bodyguard for your AWS resources - you can just sit back and let Shield Advanced do its thing.
upvoted 0 times
Kanisha
24 days ago
B) Enable AWS WAF on the ALB Create an AWS WAF web ACL with rules to detect and prevent DDoS attacks. Associate the web ACL with the ALB.
upvoted 0 times
...
Mitzie
1 months ago
I agree, AWS Shield Advanced is a great solution for proactive DDoS protection.
upvoted 0 times
...
Rima
1 months ago
D) Subscribe to AWS Shield Advanced. Configure hosted zones in Route 53 Add ALB resources as protected resources.
upvoted 0 times
...
...
Goldie
2 months ago
Option D is the clear winner here. AWS Shield Advanced is like a superhero for your infrastructure, and it takes all the headache out of DDoS protection.
upvoted 0 times
Breana
29 days ago
AWS Shield Advanced sounds like the perfect fit for this company's needs. It offers proactive engagement and peace of mind.
upvoted 0 times
...
Annelle
1 months ago
I agree, AWS Shield Advanced is a comprehensive solution for DDoS protection. It's a no-brainer choice for this scenario.
upvoted 0 times
...
Pamella
1 months ago
Option D is definitely the way to go. AWS Shield Advanced provides top-notch protection against DDoS attacks.
upvoted 0 times
...
...
Rosalind
2 months ago
Has anyone considered Option B? Setting up a custom AWS WAF web ACL could give us more control over the DDoS detection and prevention rules.
upvoted 0 times
...
Krissy
2 months ago
I'd go with Option C. GuardDuty is a powerful tool, and combining it with S3 logging sounds like a cost-effective way to detect and respond to DDoS threats.
upvoted 0 times
Sherly
1 months ago
True, but GuardDuty with S3 logging might be more cost-effective.
upvoted 0 times
...
Viola
1 months ago
I think AWS Shield Advanced could also be a strong option for DDoS protection.
upvoted 0 times
...
Maia
2 months ago
I agree, combining it with S3 logging seems like a smart move.
upvoted 0 times
...
Mirta
2 months ago
Option C sounds like a good choice. GuardDuty is really effective.
upvoted 0 times
...
...
Kyoko
2 months ago
Option D definitely gets my vote. Why mess with the rest when you can have the best protection from AWS Shield Advanced?
upvoted 0 times
Jamey
2 months ago
Definitely, it's better to go with the advanced protection offered by AWS Shield.
upvoted 0 times
...
Taryn
2 months ago
I agree, AWS Shield Advanced seems like the most comprehensive solution for DDoS protection.
upvoted 0 times
...
Janine
2 months ago
D) Subscribe to AWS Shield Advanced. Configure hosted zones in Route 53 Add ALB resources as protected resources.
upvoted 0 times
...
...
Muriel
3 months ago
That's a good point, Ashton. AWS WAF does offer strong protection. It's a tough decision between options B and D.
upvoted 0 times
...
Ashton
3 months ago
I disagree, I believe option B is the way to go. AWS WAF can help detect and prevent DDoS attacks effectively.
upvoted 0 times
...
Muriel
3 months ago
I think option D is the best choice. AWS Shield Advanced provides proactive DDoS protection.
upvoted 0 times
...

Save Cancel