ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 189 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 189
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company is updating an application that customers use to make online orders. The number of attacks on the application by bad actors has increased recently.

The company will host the updated application on an Amazon Elastic Container Service (Amazon ECS) cluster. The company will use Amazon DynamoDB to store application data. A public Application Load Balancer (ALB) will provide end users with access to the application. The company must prevent attacks and ensure business continuity with minimal service interruptions during an ongoing attack.

Which combination of steps will meet these requirements MOST cost-effectively? (Choose two.)

  • A. Create an Amazon CloudFront distribution with the ALB as the origin. Add a custom header and random value on the CloudFront domain. Configure the ALB to conditionally forward traffic if the header and value match.
  • B. Deploy the application in two AWS Regions. Configure Amazon Route 53 to route to both Regions with equal weight.
  • C. Configure auto scaling for Amazon ECS tasks Create a DynamoDB Accelerator (DAX) cluster.
  • D. Configure Amazon ElastiCache to reduce overhead on DynamoDB.
  • E. Deploy an AWS WAF web ACL that includes an appropriate rule group. Associate the web ACL with the Amazon CloudFront distribution.
Show Suggested Answer Hide Answer
Suggested Answer: AE 🗳️
by Roontha at May 28, 2023, 1:16 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jackhemo
Highly Voted 1 year, 5 months ago
Selected Answer: AE
From Olabiba.ai: Option A: By adding a custom header and random value on the CloudFront domain and configuring the ALB to conditionally forward traffic if the header and value match, you can implement a form of request validation. This helps to filter out potentially malicious requests and prevent attacks from reaching the application. - Option E: Deploying an AWS WAF web ACL that includes an appropriate rule group and associating it with the Amazon CloudFront distribution adds an additional layer of protection. The web ACL can include rules to block common attack patterns and provide protection against various types of attacks, such as SQL injection and cross-site scripting (XSS).
upvoted 5 times
...
sammyhaj
Most Recent 2 days, 16 hours ago
Selected Answer: BE
broken question B has business continuity E must be chosen A has no business continuity, just recovery or mitigation
upvoted 1 times
...
43c89f4
7 months, 2 weeks ago
simple BCD are not at all related to question
upvoted 1 times
...
Russs99
12 months ago
Selected Answer: BE
none of the previous responses really make use of Business continuity as indicated in the scenario. my picks are options B and E. The combination of these two options (E and B) provides both security (via AWS WAF) and high availability (via multi-region deployment) for your application. It helps in preventing attacks and ensuring business continuity with minimal service interruptions during ongoing attacks, making it a cost-effective choice.
upvoted 2 times
kejam
11 months, 1 week ago
Can't use E without A. E depends on A for the CloudFront distribution.
upvoted 7 times
...
...
career360guru
1 year ago
Selected Answer: AE
A and E
upvoted 1 times
...
NikkyDicky
1 year, 5 months ago
Selected Answer: AE
its AE
upvoted 2 times
...
SkyZeroZx
1 year, 5 months ago
Selected Answer: AE
The only options that helps to protect are A E
upvoted 1 times
...
rbm2023
1 year, 6 months ago
Selected Answer: AE
its a combination of steps, only two of them mention cloud front A and E. it would also be the cheapest option to protect against attacks without having to increase unnecessary performance to the infrastructure which would only cost more money (setup additional region - B , configure auto scaling for ECS and add a DAX - C, configure caching , D).
upvoted 4 times
...
andreitugui
1 year, 6 months ago
Selected Answer: AE
The only options that helps to protect are A E
upvoted 2 times
...
Roontha
1 year, 6 months ago
Answer : A E
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago