What should the solutions architect do to meet this requirement?

By: study aws cloud

Tagged: Solutions Architect Associate

With: 2 Comments

A company is concerned about the security of its public web application due to recent web attacks.The application uses an Application Load Balancer (ALB).A solutions architect must reduce the risk of DDoS attacks against the application.

What should the solutions architect do to meet this requirement?

Add an Amazon Inspector agent to the ALB

Configure Amazon Macie to prevent attacks

Enable AWS Shield Advanced to prevent attacks

Configure Amazon GuardDuty to monitor the ALB

Explanations:

Amazon Inspector is a security assessment service that identifies vulnerabilities in EC2 instances and containers. It is not designed to protect against DDoS attacks on an ALB.

Amazon Macie is primarily focused on discovering and protecting sensitive data, such as personal information, rather than mitigating DDoS attacks.

AWS Shield Advanced provides enhanced DDoS protection for applications, including those behind an ALB. It can detect and mitigate DDoS attacks, offering the necessary security for the application.

Amazon GuardDuty is a threat detection service that monitors for malicious activity and unauthorized behavior, but it doesn’t actively prevent DDoS attacks. It is more for detection than mitigation.

Previous Post: What should a Database Specialist do in this situation to increase performance and return latency to sub-second levels?

Next Post: Which solution will meet this requirement with the LEAST development effort?

2 Comments

Author

I systematize that the answer is:
Enable AWS Shield Advanced to prevent attacks

Jerry

7 months ago

Permalink

Reply
Author

As far as I can tell, the answer is:
Enable AWS Shield Advanced to prevent attacks

Richard

1 month ago

Permalink

Reply

Leave a Reply to Richard Cancel reply