Topic: AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 701

A city has deployed a web application running on Amazon EC2 instances behind an Application Load Balancer (ALB). The application's users have reported sporadic performance, which appears to be related to DDoS attacks originating from random IP addresses. The city needs a solution that requires minimal configuration changes and provides an audit trail for the DDoS sources.

Which solution meets these requirements?

A.
Enable an AWS WAF web ACL on the ALB, and configure rules to block traffic from unknown sources.
B.
Subscribe to Amazon Inspector. Engage the AWS DDoS Response Team (DRT) to integrate mitigating controls into the service.
C.
Subscribe to AWS Shield Advanced. Engage the AWS DDoS Response Team (DRT) to integrate mitigating controls into the service.
D.
Create an Amazon CloudFront distribution for the application, and set the ALB as the origin. Enable an AWS WAF web ACL on the distribution, and configure rules to block traffic from unknown sources

Re: AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 701

C is the correct answer

Re: AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 701

DDoS = AWS Shield

Re: AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 701

C is the correct answer, AWS Shield Advanced.

Re: AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 701

C looks correct

Re: AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 701

C is the correct answer.
Amazon Inspector is an automated vulnerability management service whereas AWS Shield Advanced is a managed service that helps you protect your application against external threats, like DDoS attacks, volumetric bots, and vulnerability exploitation attempts. For higher levels of protection against attacks.

Re: AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 701

C is the correct answer