AWS Certified Security – Specialty SCS-C01 – Question161

A Website currently runs on Amazon EC2 with mostly static content on the site. Recently, the site was subjected to a DDoS attack, and a Security Engineer was tasked with redesigning the edge security to help mitigate this risk in the future.
What are some ways the Engineer could archive this? (Choose three.)

A.
Use AWS X-Ray to inspect the traffic going to the EC2 instances.
B. Move the static content to Amazon S3, and front this with Amazon CloudFront distribution.
C. Change the security group configuration to block the source of the attack traffic.
D. Use AWS WAF security rules to inspect the inbound traffic.
E. Use Amazon Inspector assessment templates to inspect the inbound traffic.
F. Use Amazon Route 53 to distribute traffic.

Correct Answer: ABE