A company has moved its sensitive workloads to the cloud and needs to ensure high availability and resiliency of its web-based application. The cloud architecture team was given the following requirements:
• The application must run at 70% capacity at all times
• The application must sustain DoS and DDoS attacks.
• Services must recover automatically.
Which of the following should the cloud architecture team implement? (Choose three.)
To ensure high availability and resiliency of a web-based application in the cloud while meeting the given requirements, the cloud architecture team should implement Autoscaling, WAF, and Containerization. Autoscaling helps maintain the application at 70% capacity by automatically adjusting resources based on demand, ensuring that the application is responsive to traffic fluctuations. A Web Application Firewall (WAF) is essential to protect against DoS and DDoS attacks by filtering and blocking malicious traffic before it reaches the application. Containerization enables the deployment and management of applications in isolated containers, which are resilient to failure. Container orchestration platforms can automatically restart or reschedule containers in case of failure, ensuring continuous service operation and automatic recovery.
C. Autoscaling: This is important to ensure high availability and resiliency of the web-based application. By using autoscaling, additional resources can be automatically allocated to handle spikes in traffic or when the application is running at or near capacity. D. WAF: This is important for protecting the application against DoS and DDoS attacks. A Web Application Firewall (WAF) can help detect and block malicious traffic and attacks on the application. E. CDN: This is important for improving the performance and availability of the application. By using a Content Delivery Network (CDN), content can be delivered from a distributed network of servers, reducing latency and improving the user experience.
C. Autoscaling - keep the application running at 70% at all times. Scale up and down as traffic demands. E. Use a CDN, NOT A WAF!!! WAF does not protect against DOS and DDOS attackes, it protects against other types of attacks. H. Containerization WITH AUTOSCALING is literally the industry standard for auto-recovery of applications today. I have no idea why anyone would say snapshot or what the idea would be--when the server fails a health check kick off a work pipeline to reinstantiate it? That will take FOREVER and also won't work for a few other reasons. Containerize your application and when the app fails (misses a health check with the load balancer) it will simply be replaced. That's how literally everything works today right now.
C. Autoscaling: Autoscaling helps maintain the application at 70% capacity at all times by automatically adding or removing resources based on the current demand. It also ensures that the application is always available even during a surge in demand. D. WAF: A web application firewall (WAF) helps protect the application against DoS and DDoS attacks by filtering out malicious traffic before it reaches the application. It can also block suspicious traffic and help prevent common web application attacks. G. Continuous snapshots: Continuous snapshots help ensure that data is not lost in case of a disaster or an attack. By continuously backing up the data, the application can be restored to a recent state in case of a problem.
Web-based applications must be online as much as possible. "High availability and resiliency" Snapshots are ideal when performing administrative changes and have to wait until verification that the new changes don't impact services. However, they do nothing for real-time resiliency to maintain operations. A Content delivery network includes the ability to keep website content online in the face of network problems, hardware failures, and network congestion. A CDN is designed to circumvent network congestion and be resilient against service interruption. WAF is to further mitigate DoS and DDoS attacks Autoscaling assists with handling any increase in workload until mitigation measures are enacted (DDoS measures are usually enacted automatically) CDN - focuses on high availability and seamless recovery.
Compare out put from Gemini, Chat GPT, Copilot and best judgement.
CDE, correct
CDG. WAF for DoS, DDoS: WAF-https://learn.microsoft.com/en-us/azure/web-application-firewall/shared/application-ddos-protection.
• C. Autoscaling: Autoscaling allows the cloud architecture to automatically adjust the number of compute resources (such as virtual machines or containers) based on real-time traffic demands. It ensures that the application runs at 70% capacity or as required, thus maintaining availability during varying load conditions. • D. WAF (Web Application Firewall): A WAF protects web-based applications from a variety of threats, including DoS and DDoS attacks. It filters and monitors HTTP traffic between a web application and the internet, identifying and blocking malicious requests before they reach the application. • H. Containerization: Containerization, using tools like Docker and Kubernetes, enables the deployment and management of applications in lightweight, isolated containers. Containers are resilient to failure, and container orchestration platforms can automatically restart or reschedule containers in case of failure, ensuring service continuity and automatic recovery.
Containers make automatic service recovery much easier. Since they mention service recovery, I'd go with that one. If they were focusing more on data recover, I'd have gone with continuous snapshots. The data will be separate from the web frontend services anyway.
Services must recover automatically. - F
CDF - Containers will help with automatic restart when orchestrations tools like Docker swarm and Kubernetes are employed.
CDG. While a CDN improves performance, it does nothing for high availability and resiliency. It doesn't address any of the other requirements either.
That's not entirely correct. A CDN does help to mitigate DDoS attacks by distributing traffic across multiple servers. But I'm still going with C, D, and G. For high availability and resiliency, we need G.
CDN instead of WAF. Restore the last snapshot to recover automatically
Absolutely not. Use a container with autoscaling to recover automatically.