SCS-C02 · Question #359
SCS-C02 Question #359: Real Exam Question with Answer & Explanation
The correct answer is B: Use an ELB Application Load Balancer and Auto Scaling group to scale to absorb application. The below diagram from AWS shows the best case scenario for avoiding DDos attacks using services such as AWS Cloudfro WAF, ELB and Autoscaling Option A is invalid because by default security groups don't allow access Option C is invalid because AWS Inspector cannot be used to exa
Question
A company is deploying a new web application on AWS. Based on their other web applications, they anticipate being the target of frequent DDoS attacks. Which steps can the company use to protect their application? Select 2 answers from the options given below.
Options
- AAssociate the EC2 instances with a security group that blocks traffic from blacklisted IP
- BUse an ELB Application Load Balancer and Auto Scaling group to scale to absorb application
- CUse Amazon Inspector on the EC2 instances to examine incoming traffic and discard malicious
- DUse CloudFront and AWS WAF to prevent malicious traffic from reaching the application
- EEnable GuardDuty to block malicious traffic from reaching the application
Explanation
The below diagram from AWS shows the best case scenario for avoiding DDos attacks using services such as AWS Cloudfro WAF, ELB and Autoscaling Option A is invalid because by default security groups don't allow access Option C is invalid because AWS Inspector cannot be used to examine traffic Option E is invalid because this can be used for attacks on EC2 Instances but not against DDos attacks on the entire application https://aws.amazon.com/answers/networking/aws-ddos-attack-mitieation
Community Discussion
No community discussion yet for this question.