Protect Against DDoS Attacks | Solutions and Measures

Safeguard Your Website from DDoS Attacks

Question

Which of the following can be used to protect against DDoS attacks? Choose 2 answers from the options given below.

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Answer - C and D.

The AWS Documentation mentions the following:

AWS Shield - All AWS customers benefit from the automatic protections of AWS Shield Standard, at no additional charge.

AWS Shield Standard defends against most common, frequently occurring network and transport layer DDoS attacks that target your web site or applications.

AWS Shield Advanced - For higher levels of protection against attacks targeting your web applications running on Amazon EC2, Elastic Load Balancing (ELB), CloudFront, and Route 53 resources, you can subscribe to AWS Shield Advanced.

AWS Shield Advanced provides expanded DDoS attack protection for these resources.

For more information on AWS Shield, please refer to the below URL:

https://docs.aws.amazon.com/waf/latest/developerguide/ddos-overview.html

The correct answers are C. AWS Shield and D. AWS Shield Advanced.

Explanation:

A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

To protect against DDoS attacks, AWS provides two services - AWS Shield and AWS Shield Advanced.

AWS Shield is a free service that provides DDoS protection to all AWS customers. It helps in detecting and mitigating DDoS attacks on AWS infrastructure, including Elastic Load Balancers, CloudFront distributions, and Amazon Route 53 hosted zones. AWS Shield can protect your applications from the most common, frequently occurring network and transport layer DDoS attacks.

AWS Shield Advanced provides additional DDoS protection to customers who require a higher level of protection against more sophisticated attacks. AWS Shield Advanced is a paid service that provides access to 24/7 DDoS response team, advanced metrics and reports, and cost protection against usage spikes. AWS Shield Advanced can also protect against application layer attacks and supports integration with AWS WAF, AWS Firewall Manager, and Amazon CloudFront.

AWS EC2 and RDS are not designed to protect against DDoS attacks. AWS EC2 is a virtual server in the cloud designed to run applications and services, and AWS RDS is a managed database service. While they have some security features, they are not specifically designed to mitigate DDoS attacks.