ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 241 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 241
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

An ecommerce website was down for 1 hour following a DDoS attack. Users were unable to connect to the website during the attack period. The ecommerce company’s security team is worried about future potential attacks and wants to prepare for such events. The company needs to minimize downtime in its response to similar attacks in the future.

Which steps would help achieve this? (Choose two.)

  • A. Enable Amazon GuardDuty to automatically monitor for malicious activity and block unauthorized access.
  • B. Subscribe to AWS Shield Advanced and reach out to AWS Support in the event of an attack.
  • C. Use VPC Flow Logs to monitor network traffic and an AWS Lambda function to automatically block an attacker’s IP using security groups.
  • D. Set up an Amazon EventBridge rule to monitor the AWS CloudTrail events in real time, use AWS Config rules to audit the configuration, and use AWS Systems Manager for remediation.
  • E. Use AWS WAF to create rules to respond to such attacks.
Show Suggested Answer Hide Answer
Suggested Answer: BE 🗳️
by Bachhu at Jan. 2, 2025, 2:39 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
TareDHakim
3 months, 3 weeks ago
Selected Answer: BE
B. Provides enhanced protection against DDoS attacks, including advanced mitigation capabilities. Includes 24/7 access to the AWS DDoS Response Team (DRT) for immediate assistance during an attack. Also provides cost protection to prevent unexpected charges due to scaling during a DDoS attack. E. AWS WAF can help create custom rules to detect and block malicious traffic patterns (e.g., rate-based rules, IP address blocking, or patterns indicative of DDoS). It integrates with AWS Shield and CloudFront for real-time traffic filtering. By setting up rate-limiting rules, WAF can help mitigate volumetric attacks.
upvoted 2 times
...
Bachhu
3 months, 3 weeks ago
Selected Answer: AB
A: Enable GuardDuty for threat detection. B: AWS Shield advanced for DDoS attack.
upvoted 1 times
Bachhu
3 months, 2 weeks ago
E is not suitable as in the question didn’t mentioned what resources they are using.
upvoted 1 times
Bachhu
3 months, 1 week ago
Sorry. B,E is correct.
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago