Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 437 discussion

As no shield protect here so WAF rate limit

Best solution Shield Advanced, not listed here, thus second-best solution, WAF with rate limiting

A. Amazon Inspector = Software vulnerabilities like OS patches etc. Not fit for purpose. C. Changing IP from DDoS so don't know the incoming traffic for configuration (even if it was possible) D. GardDuty is for workload and AWS account monitoring so it can't help with DDoS. B is correct as AWS WAF + ALB can configure rate limiting even if source IP changes.

according to some google searches... to protect against DDOS attack: * AWS WAF(Web Application Firewall) provides protection on the application layer (I think Application Load Balancer belongs to this level) * AWS Shield protects the infrastructure layers of the OSI mode (I think AWS Network Load Balancer belongs to this level)

This case is A

AWS Web Application Firewall (WAF) + ALB (Application Load Balancer) See image at https://aws.amazon.com/waf/ . https://docs.aws.amazon.com/waf/latest/developerguide/ddos-responding.html . Question keyword "high request rate", answer keyword "rate-limiting rule" https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-example-limit-login-page-keys.html Amazon GuardDuty for theat detection https://aws.amazon.com/guardduty/ , not for DDoS.

B in swahili 'ba' :) external systems, incoming requests = AWS WAF

layer 7 DDoS protection with WAF https://docs.aws.amazon.com/waf/latest/developerguide/ddos-get-started-web-acl-rbr.html

B no doubt.

AWS WAF (Web Application Firewall) is a service that provides protection for web applications against common web exploits. By associating AWS WAF with the Application Load Balancer (ALB), you can inspect incoming traffic and define rules to allow or block requests based on various criteria.

B AWS Web Application Firewall (WAF) is a service that helps protect web applications from common web exploits and provides advanced security features. By deploying AWS WAF and associating it with the ALB, the company can set up rules to filter and block incoming requests based on specific criteria, such as IP addresses. In this scenario, the company is facing performance issues due to a high request rate from illegitimate external systems with changing IP addresses. By configuring a rate-limiting rule in AWS WAF, the company can restrict the number of requests coming from each IP address, preventing excessive traffic from overwhelming the website. This will help mitigate the impact of potential DDoS attacks and ensure that legitimate users can access the site without interruption.

If not AWS Shield, then WAF

B obv for this

D, Guard Duty for me