A city has deployed a web application running on Amazon EC2 instances behind an Application Load Balancer (ALB). The application's users have reported sporadic performance, which appears to be related to DDoS attacks originating from random IP addresses. The city needs a solution that requires minimal configuration changes and provides an audit trail for the DDoS sources.
Which solution meets these requirements?
AWS Shield Advanced is specifically designed to provide additional protections against DDoS attacks. Engaging the AWS DDoS Response Team (DRT) will help integrate mitigating controls into the service. This solution provides both minimal configuration changes and an audit trail, meeting all the requirements mentioned in the question.
C is the correct answer
C is the correct answer. Amazon Inspector is an automated vulnerability management service whereas AWS Shield Advanced is a managed service that helps you protect your application against external threats, like DDoS attacks, volumetric bots, and vulnerability exploitation attempts. For higher levels of protection against attacks.
DDoS = AWS Shield
C is the correct answer
C looks correct
C is the correct answer, AWS Shield Advanced.
(A & D) are incorrect. AWS WAF Web ACL - contain WAF rules that define how to inspect web requests and what to do when a web request matches the inspection criteria. We don't have the inspection criteria necessary to use WAF Web ACL effectively bc DDoS attacks are originating from random IP addresses. The AWS DDoS Response Team can respond to the randomness. (B) is incorrect. Amazon Inspector - a service that analyzes your EC2 instances to identify potential security and configuration issues. Inspector is not good at dealing with an actual DDOS attack like AWS Shield Advanced.
AnswerC