Q54 — AWS SCS-C02 Ch.1

Question 54 of 100 | ← Chapter 1

An ecommerce website was down for 1 hour following a DDoS attack. Users were unable to connect to the website during the attack period. The ecommerce company’s security team is worried about future potential attacks and wants to prepare for such events. The company needs to minimize downtime in its response to similar attacks in the future. Which steps would help achieve this? (Choose two.)

Correct Answer: B. Subscribe to AWS Shield Advanced and reach out to AWS Support in the event of an attack., E. Use AWS WAF to create rules to respond to such attacks.

Explanation

AWS Shield Advanced专门针对DDoS攻击提供增强防护,包括实时攻击可视化和直接访问AWS DDoS响应团队(DRT),在攻击发生时快速响应。AWS WAF允许自定义规则过滤恶意流量,应对应用层攻击,两者结合可有效减少服务中断时间。选项C的自动化方案依赖日志分析和脚本执行,可能存在延迟;选项D侧重于配置审计而非实时攻击缓解。参考AWS文档:Shield Advanced降低复杂DDoS攻击影响,WAF规则库包含预定义DDoS防护规则。