Answer-first summary for fast verification
Answer: Set up an Amazon CloudFront distribution with the ALB as the origin, adding a custom header and a random value to the CloudFront domain. Configure the ALB to forward traffic conditionally based on matching the header and value., Implement an AWS WAF web ACL with appropriate rule groups and associate the web ACL with the Amazon CloudFront distribution.
To meet the requirements of preventing attacks and ensuring business continuity with minimal service interruptions in a cost-effective manner, the correct options are A and E. Option A suggests creating an Amazon CloudFront distribution with the ALB as the origin, which adds a layer of protection and can help distribute traffic efficiently. This setup includes adding a custom header and random value to the CloudFront domain and configuring the ALB to conditionally forward traffic if the header and value match, helping to mitigate certain types of attacks. Option E involves deploying an AWS WAF web ACL with appropriate rule groups and associating it with the Amazon CloudFront distribution. AWS WAF provides robust security features that can filter and monitor HTTP requests to prevent common web exploits, thereby enhancing security. Together, these options help provide both enhanced security and improved performance, contributing to cost-effective business continuity strategies.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A company is enhancing its online ordering application, which has recently seen an increase in attacks from malicious actors. The updated application will be hosted on an Amazon Elastic Container Service (Amazon ECS) cluster, with Amazon DynamoDB used for data storage. A public Application Load Balancer (ALB) will grant end users access to the application. To prevent attacks and ensure business continuity with minimal service interruptions during ongoing attacks, which two steps will be the most cost-effective solutions?
A
Set up an Amazon CloudFront distribution with the ALB as the origin, adding a custom header and a random value to the CloudFront domain. Configure the ALB to forward traffic conditionally based on matching the header and value.
B
Deploy the application across two AWS Regions and configure Amazon Route 53 to equally route traffic between these regions.
C
Enable auto scaling for Amazon ECS tasks and create a DynamoDB Accelerator (DAX) cluster.
D
Set up Amazon ElastiCache to decrease the load on DynamoDB.
E
Implement an AWS WAF web ACL with appropriate rule groups and associate the web ACL with the Amazon CloudFront distribution.