Amazon Web Services SCS-C03 Question Answer
A security engineer needs to protect a public web application that runs in a VPC. The VPC hosts the origin for an Amazon CloudFront distribution. The application has experienced multiple layer 7 DDoS attacks. An AWS WAF web ACL is associated with the CloudFront distribution. The web ACL contains one AWS managed rule to protect against known IP addresses that have bad reputations.
The security engineer must configure an automated solution that detects and mitigates layer 7 DDoS attacks in real time with no manual effort.
Which solution will meet these requirements?
Amazon Web Services SCS-C03 Summary
- Vendor: Amazon Web Services
- Product: SCS-C03
- Update on: Jul 2, 2026
- Questions: 231

