DDoS Mitigation Flashcards Preview

AWS Certified Solution Architecture -- Associate > DDoS Mitigation > Flashcards

Flashcards in DDoS Mitigation Deck (2)
Loading flashcards...
1
Q

When mitigating against DOS/DDOS attacks, use the same practice you would use on you on-remise components

A
    • Firewalls: Security groups, network access control lists, host-based firewalls
    • Web application Firewalls(WAFS)
    • Host-based or inline IDS/IPS(zTrend Micro)
    • Traffic shaping/rate limiting
2
Q

Capabilities based on its elasticity

A
    • you can potentially use cloudfront to absorb DOS/SSOS flooding attacks.
    • a potential attackers trying to attacj content behind a cloudfront distribution is likely to send most requests to cloudfront edge locations, where the AWS infrastrucure will absorb the extra requests with minimal to no impact on the back-end customer web servers.