AWS Certified Solutions Architect Associate SAA-C03 Practice Question
A startup's web application is gaining popularity and the technical leadership is worried about potential disruptions caused by volumetric attacks from malicious actors. As the Solutions Architect, which service should be employed to safeguard the application's uptime and performance?
The correct service to mitigate Distributed Denial of Service attacks is AWS Shield. It provides automatic protection that safeguards web applications without necessitating any modifications to the existing setup. AWS Shield Standard is automatically included with certain AWS services such as Amazon CloudFront and provides protection against the most common attacks at no additional cost. For higher levels of protection, AWS Shield Advanced offers more comprehensive defenses against larger and more complex attacks, including access to the 24/7 AWS DDoS Response Team. AWS WAF primarily protects web applications from common web exploits that could affect application availability, security, and compliance, but is not directly aimed at DDoS protection. AWS Firewall Manager is a service that allows you to centrally manage firewall rules across your accounts and applications in AWS Organizations, but it does not directly mitigate DDoS attacks. Amazon Inspector is used to perform security assessments and find vulnerabilities, not for real-time attack mitigation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AWS Shield and how does it work?
Open an interactive chat with Bash
What are volumetric attacks, and how do they impact web applications?
Open an interactive chat with Bash
What is the difference between AWS Shield and AWS WAF?