exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 701 discussion

A city has deployed a web application running on Amazon EC2 instances behind an Application Load Balancer (ALB). The application's users have reported sporadic performance, which appears to be related to DDoS attacks originating from random IP addresses. The city needs a solution that requires minimal configuration changes and provides an audit trail for the DDoS sources.

Which solution meets these requirements?

  • A. Enable an AWS WAF web ACL on the ALB, and configure rules to block traffic from unknown sources.
  • B. Subscribe to Amazon Inspector. Engage the AWS DDoS Response Team (DRT) to integrate mitigating controls into the service.
  • C. Subscribe to AWS Shield Advanced. Engage the AWS DDoS Response Team (DRT) to integrate mitigating controls into the service.
  • D. Create an Amazon CloudFront distribution for the application, and set the ALB as the origin. Enable an AWS WAF web ACL on the distribution, and configure rules to block traffic from unknown sources
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Community vote distribution
C (100%)

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Andy_09
Highly Voted 1 year, 1 month ago
C is the correct answer
upvoted 7 times
...
Scheldon
Most Recent 9 months ago
Selected Answer: C
AnswerC
upvoted 1 times
...
NSA_Poker
9 months, 3 weeks ago
Selected Answer: C
(A & D) are incorrect. AWS WAF Web ACL - contain WAF rules that define how to inspect web requests and what to do when a web request matches the inspection criteria. We don't have the inspection criteria necessary to use WAF Web ACL effectively bc DDoS attacks are originating from random IP addresses. The AWS DDoS Response Team can respond to the randomness. (B) is incorrect. Amazon Inspector - a service that analyzes your EC2 instances to identify potential security and configuration issues. Inspector is not good at dealing with an actual DDOS attack like AWS Shield Advanced.
upvoted 1 times
...
sandordini
11 months, 1 week ago
Selected Answer: C
DDoS = AWS Shield
upvoted 2 times
...
Mikado211
12 months ago
Selected Answer: C
C is the correct answer, AWS Shield Advanced.
upvoted 1 times
...
asdfcdsxdfc
1 year ago
Selected Answer: C
C looks correct
upvoted 1 times
...
Naveena_Devanga
1 year, 1 month ago
C is the correct answer. Amazon Inspector is an automated vulnerability management service whereas AWS Shield Advanced is a managed service that helps you protect your application against external threats, like DDoS attacks, volumetric bots, and vulnerability exploitation attempts. For higher levels of protection against attacks.
upvoted 2 times
...
Darshan07
1 year, 1 month ago
Selected Answer: C
C is the correct answer
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
312-50v12
Calgary, 1 minute ago