A multinational company has deployed its web application in AWS Infrastructure.
This application is critical for the company and needs to secure from any type of DDOS attacks.
Security Head is looking for global DDOS trends across AWS resources to further strengthen security guidelines within the company & protect resources from DDOS attacks. Which of the following can be used for monitoring DDOS threats?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: D.
AWS Shield's global threat dashboard can be used to view DDOS trends for AWS resources like Amazon EC2, Amazon CloudFront, Elastic Load Balancing, and Amazon Route 53
This dashboard provides a near real-time summary of events occurring globally within AWS infrastructure.
Option A is incorrect as using AWS Firewall Manager, we can centrally monitor DDOS attacks on all the resources launched within the account.
It will not provide information about trends for DDOS threats for Amazon resources.
Option B is incorrect as these reports are only available post subscribing to AWS Shield Advanced.
Option C is incorrect as subscribing to SNS topics for global DDOS trends is not a valid option.
For more information on AWS Shield, refer to the following URL,
https://docs.aws.amazon.com/waf/latest/developerguide/using-ddos-reports.htmlThe best option for monitoring global DDOS trends across AWS resources is to use AWS Shield.
AWS Shield is a managed DDOS protection service that safeguards web applications running on AWS. AWS Shield provides always-on detection and automatic inline mitigation to minimize application downtime and latency. AWS Shield provides two levels of protection: Standard and Advanced.
AWS Shield Advanced provides additional protections, such as real-time visibility into detected attacks, attack notifications, and access to 24/7 DDoS Response Team (DRT) support.
Option B is the correct answer, as AWS Shield provides real-time metric reports for DDOS global trends for Amazon resources. AWS Shield is designed to protect AWS resources and it provides insight into the type and volume of attacks experienced by other AWS customers. This information is used to protect all AWS customers, including those who use AWS Shield Standard. AWS Shield Advanced also provides access to real-time metrics and a global threat dashboard for detecting and mitigating DDOS attacks.
Option A is incorrect because AWS Firewall Manager is not designed to provide real-time metric reports for DDOS global trends. It is used for central management of AWS WAF rules across multiple accounts and resources.
Option C is incorrect because Amazon SNS is a messaging service that enables the sending and receiving of messages between different components of a distributed application. It is not used for monitoring DDOS threats.
Option D is incorrect because the AWS Shield global threat dashboard is only available to customers with AWS Shield Advanced, and it provides more than just near real-time trends for DDOS threats. It provides access to real-time metrics and a variety of other features for detecting and mitigating DDOS attacks.