You are designing a social media site and are considering how to mitigate distributed denial-of-service (DDoS)
attacks. Which of the below are viable mitigation techniques? (Choose three.)
A.
Add multiple elastic network interfaces (ENIs) to each EC2 instance to increase the network bandwidth.
B.
Use dedicated instances to ensure that each instance has the maximum performance possible.
C.
Use an Amazon CloudFront distribution for both static and dynamic content.
D.
Use an Elastic Load Balancer with auto scaling groups at the web. App and Amazon Relational Database
Service (RDS) tiers
E.
Add alert Amazon CloudWatch to look for high Network in and CPU utilization.
F.
Create processes and capabilities to quickly add and remove rules to the instance OS firewall.
cde
Correct answers – C,D,E
C D E
CDE
CDE
http://jayendrapatil.com/tag/ddos/
How would you set up an autoscaling group for a managed RDS instance? 🙂 D is suggesting that. Also, a good DDoS attack will quickly exhaust any autoscaling that you could possibly afford so autoscaling is not a good way to mitigate such an attack.
I would say A, C, and E.
Adding multiple network adapters will increase bandwidth during an attack.
We all agree on C and E so far.
CDE