Prevent Revenue Loss | Ensure 24/7 Support | AWS DDoS Protection Service
Question
A company is hosting an important revenue generating application.
On the last few occasions, the application has come under large DDoS attacks.
As a result of this, a lot of users were complaining about the slowness of the application.
You need to avoid these situations in the future and now require 24*7 support from AWS if such situations occur in the future.
Which of the following service can help in this regard?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: A.
The AWS Documentation mentions the following.
For higher levels of protection against attacks targeting your applications running on Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing(ELB), Amazon CloudFront, and Amazon Route 53 resources, you can subscribe to AWS Shield Advanced.
In addition to the network and transport layer protections that come with Standard, AWS Shield Advanced provides additional detection and mitigation against large and sophisticated DDoS attacks, near real-time visibility into attacks, and integration with AWS WAF, a web application firewall.
AWS Shield Advanced also gives you 24x7 access to the AWS DDoS Response Team (DRT) and protection against DDoS related spikes in your Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing(ELB), Amazon CloudFront, and Amazon Route 53 charges.
Option B is incorrect since this can be used to scan instances for vulnerabilities.
Option C is partially correct.
You can use the WAF service against certain types of attacks.
But for major DDoS attacks, you need to use the AWS Shield Advanced Service.
Option D is incorrect since this service cannot protect against DDoS attacks.
For more information on AWS Shield service, please refer to the below URL-
https://aws.amazon.com/shield/The correct answer to this question is A. AWS Shield Advanced.
Explanation:
DDoS (Distributed Denial of Service) attacks can cause significant damage to an organization's infrastructure and reputation. AWS Shield is a managed DDoS protection service that helps protect applications from DDoS attacks.
AWS Shield Advanced provides additional capabilities beyond the standard AWS Shield service. AWS Shield Advanced provides 24/7 access to AWS DDoS response team (DRT) for assistance during an attack. This includes direct access to AWS DRT engineers who will provide guidance and help to mitigate the attack.
AWS Shield Advanced also includes additional features such as network flow logs, protection against volumetric attacks, and integration with AWS WAF (Web Application Firewall) to provide additional protection against application-layer attacks.
AWS Inspector is a service that helps improve the security and compliance of applications deployed on AWS. It helps to identify security vulnerabilities and deviations from best practices.
AWS WAF is a web application firewall that helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.
AWS Systems Manager is a service that helps manage AWS resources and automate operational tasks. It provides a unified user interface that enables you to view operational data from multiple AWS services, automate operational tasks across your AWS resources, and take action on your resources at scale.
In summary, AWS Shield Advanced is the most appropriate service to help in this scenario as it provides 24/7 access to AWS DRT for assistance during a DDoS attack, network flow logs, protection against volumetric attacks, and integration with AWS WAF to provide additional protection against application-layer attacks.
