AWS Certified Security – Specialty SCS-C01 – Question205

An ecommerce website was down for 1 hour following a DDoS attack. Users were unable to connect to the website during the attack period. The ecommerce company’s security team is worried about future potential attacks and wants to prepare for such events. The company needs to minimize downtime in its response to similar attacks in the future.
Which steps would help achieve this? (Choose two.)

A.
Enable Amazon GuardDuty to automatically monitor for malicious activity and block unauthorized access.
B. Subscribe to AWS Shield Advanced and reach out to AWS Support in the event of an attack.
C. Use VPC Flow Logs to monitor network traffic and an AWS Lambda function to automatically block an attacker’s IP using security groups.
D. Set up an Amazon CloudWatch Events rule to monitor the AWS CloudTrail events in real time, use AWS Config rules to audit the configuration, and use AWS Systems Manager for remediation.
E. Use AWS WAF to create rules to respond to such attacks.

Correct Answer: AE