For DDOS , you need to provide AWS Shield or Advanced Shield not the WAF

[joseph]

2. Question

Category: CSAP – Continuous Improvement for Existing Solutions

S.I.G.A Hackers United, a new international hacktivist group, has announced that they will launch wide-scale cyber attacks such as SQL Injection, cross-site scripting (XSS) and DDoS attacks, to multiple government websites which are hosted in AWS. You are hired as an IT consultant to reinforce the security of these government websites.

Which of the following approach provides a cost-effective and scalable mitigation from cyber attacks?

In the above question, they also have asked about DDoS attack, the docs says AWS WAF provide support for SQL injection and cross-site scripting(XSS). For DDoS best is AWS Shield or AWS Advanced shield, selecting AWS WAF wont help for giving a DDoS attack

So in the answer given, there should have been a option for AWS Shield

[TutorialsDojo-Support]

Hello joseph,

Thank you for sharing your thoughts on this item.

Based on this AWS Documentation, “You can use a web application firewall (WAF) to protect your web applications against attacks that attempt to exploit a vulnerability in your website. Common examples include SQL injection or cross-site request forgery. You can also use a firewall to detect and mitigate web application layer DDoS attacks.”

https://docs.aws.amazon.com/waf/latest/developerguide/classic-tutorials-ddos-cross-service-WAF.html

Let us know if you need further assistance. The Tutorials Dojo team is dedicated to help you pass your AWS exam on your first try!

Regards,

Gerome @ Tutorials Dojo

[joseph]

Appreciate your reply and special thanks for the URL reference