An outsourcing company is working on a government project.
Security is very important to the success of the application.
The application is developed mainly in EC2 with several application load balancers.
CloudFront and Route53 are also configured.
The major concern is that it should be able to be protected against DDoS attacks.
The company decides to activate the AWS Shield Advanced feature.
To this effect, it has hired an external consultant to 'educate' its employees on the same.
For the below options, which ones help the company to understand the AWS Shield Advanced plan? Select 3.
Click on the arrows to vote for the correct answer
A. B. C. D. E. F. G. H.Correct Answer - A, D, E.
AWS Shield has two plans - AWS Shield Standard and AWS Shield Advanced.
AWS Shield Standard:
AWS Shield Standard activates automatically at no additional charge.
AWS Shield Standard defends against the most common, frequently occurring network and transport layer DDoS attacks that target your applications.
AWS Shield Advanced:
For higher levels of protection against attacks.
It has a subscription fee which is $ 3000 per month.
Option A is CORRECT.
Because Elastic Load Balancing (ELB), Amazon CloudFront, Amazon Route 53 are all covered by AWS Shield Advanced.
Option B is incorrect.
Because AWS Shield Advanced has a subscription commitment of 1 year with a base monthly fee of 3000$.
Option C is incorrect.
Because Route 53 is covered by AWS Shield Advanced.
Option D is CORRECT.
Because 24*7 support by the DDoS Response team is a key feature of the advanced plan.
Option E is CORRECT.
Because AWS Shield Advanced integrates with AWS CloudWatch and provides relevant reports.
Option F is incorrect.
Because AWS Shield is not within AWS WAF.
Please note that both of them help protect the AWS resources.
AWS WAF is a web application firewall service, while AWS Shield provides expanded DDoS attack protection for the AWS resources.
The outsourcing company is working on a government project where security is critical. The application is developed primarily in EC2 with several application load balancers. Additionally, CloudFront and Route53 are also used. The major concern is to protect against DDoS attacks, and the company decides to activate AWS Shield Advanced feature. The company has hired an external consultant to educate its employees on the same.
The AWS Shield Advanced plan is a comprehensive DDoS protection service offered by AWS. It helps to protect the applications hosted on EC2, ALB, CloudFront, and Route 53 against DDoS attacks. To understand the AWS Shield Advanced plan, the following three options can be considered:
AWS Shield Advanced plan can protect application load balancers, CloudFront, and Route53 from DDoS attacks. This is the first important aspect to understand about AWS Shield Advanced plan. It is designed to provide protection to applications hosted on EC2, ALB, CloudFront, and Route53 against DDoS attacks.
AWS Shield Advanced plan does not have a monthly base charge. The company only needs to pay the data transfer fee. Other than that, AWS WAF includes no additional cost. This is the second important aspect to understand about AWS Shield Advanced plan. There is no monthly base charge for AWS Shield Advanced plan. The company only needs to pay the data transfer fee. Additionally, AWS WAF is included with AWS Shield Advanced plan, and there is no additional cost for it.
Route 53 is not covered by AWS Shield Advanced plan. However, Route 53 is able to be protected under AWS WAF. This is the third important aspect to understand about AWS Shield Advanced plan. Route53 is not covered by AWS Shield Advanced plan. However, it can be protected under AWS WAF. AWS WAF is a web application firewall that is included with AWS Shield Advanced plan.
The remaining options are:
A dedicated rule in WAF should be customized. This is not directly related to understanding the AWS Shield Advanced plan. However, it is an important aspect of customizing the AWS WAF, which is included with AWS Shield Advanced plan.
24*7 support by the DDoS Response team. Critical and urgent priority cases can be answered quickly by DDoS experts. Custom mitigations during attacks are also available. This is an important aspect of the AWS Shield Advanced plan. AWS provides 24/7 support by the DDoS response team. Critical and urgent priority cases can be answered quickly by DDoS experts. Additionally, custom mitigations during attacks are also available.
Real-time notification of attacks is available via Amazon CloudWatch. Historical attack reports are also provided. This is another important aspect of the AWS Shield Advanced plan. AWS Shield Advanced plan provides real-time notification of attacks via Amazon CloudWatch. Additionally, historical attack reports are also provided.
AWS Shield is a sub-feature within AWS WAF. This is incorrect. AWS Shield is not a sub-feature within AWS WAF. AWS WAF is a web application firewall that is included with AWS Shield Advanced plan.
AWS Shield Advanced can be activated in AWS WAF console, which also provides the near real-time metrics and packet captures for attack forensics. This is another important aspect of the AWS Shield Advanced plan. AWS Shield Advanced plan can be activated in AWS WAF console, which also provides the near real-time metrics and packet captures for attack forensics.
Therefore, the correct options to understand the AWS Shield Advanced plan are A, B, and C.