Secure Architecture I
Explore AWS solutions to protect cloud architectures against DDoS attacks and SQL injections with minimal overhead. Understand encryption methods for multi-region data security and best practices for IAM roles to enforce least privilege. Learn to secure database credentials and VPC communication with AWS security services and endpoints.
We'll cover the following...
Question 14
An AI-based startup is preparing to launch its three-tier web application using third-party Domain Name Services (DNS). The application takes an image and analyzes it to label its content. The application is deployed over multiple EC2 instances behind an Application Load Balancer (ALB). The application and database layers are deployed in the private subnet of the Virtual Private Cloud (VPC).
A solutions architect must recommend a solution that protects against large-scale DDoS attacks and SQL injections with the least operational overhead.
A. Use AWS Shield to ALB to protect against DDoS attacks, attach AWS WAF in front of the ALB, and associate appropriate web ACLS with WAF.
B. Attach AWS Shield Advanced and WAF to Application Load Balancer (ALB) to block all the SQL injection and manage large-scale DDoS attacks automatically.
C. Use AWS Shield with ALB to protect against DDoS attacks and Amazon Inspector to block all SQL injection attempts automatically.
D. Use AWS ...