Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A security engineer needs to protect a public web application that runs in a VPC.

A security engineer needs to protect a public web application that runs in a VPC. The VPC hosts the origin for an Amazon CloudFront distribution. The application has experienced multiple layer 7 DDoS attacks. An AWS WAF web ACL is associated with the CloudFront distribution. The web ACL contains one AWS managed rule to protect against known IP addresses that have bad reputations.

The security engineer must configure an automated solution that detects and mitigates layer 7 DDoS attacks in real time with no manual effort.

Which solution will meet these requirements?

A.

Enable AWS Shield Advanced on the CloudFront distribution. Configure alerts in Amazon CloudWatch for DDoS indicators.

B.

Enable AWS Shield Advanced and configure proactive engagement with the AWS DDoS Response Team (DRT).

C.

Deploy AWS Network Firewall in the VPC. Create security policies that detect DDoS indicators. Create an AWS Lambda function to automatically update the web ACL rules during an attack.

D.

Add a rate-based rule to the web ACL. Enable AWS Shield Advanced. Enable automatic application layer DDoS mitigation on the CloudFront distribution.

Amazon Web Services SCS-C03 Summary

  • Vendor: Amazon Web Services
  • Product: SCS-C03
  • Update on: Jul 2, 2026
  • Questions: 231
Price: $52.5  $149.99
Buy Now SCS-C03 PDF + Testing Engine Pack

Payments We Accept

Your purchase with ExamsVCE is safe and fast. Your products will be available for immediate download after your payment has been received.
The ExamsVCE website is protected by 256-bit SSL from McAfee, the leader in online security.

examsvce payment method