New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 312-40 Exam - Topic 7 Question 10 Discussion

Actual exam question for Eccouncil's 312-40 exam
Question #: 10
Topic #: 7
[All 312-40 Questions]

An AWS customer was targeted with a series of HTTPS DDoS attacks, believed to be the largest layer 7 DDoS reported to date. Starting around 10 AM ET on March 1, 2023, more than 15,500 requests per second (rps) began targeting the AWS customer's load balancer. After 10 min, the number of requests increased to 2,50,000 rps.

This attack resembled receiving the entire daily traffic in only 10s. An AWS service was used to sense and mitigate this DDoS attack as well as prevent bad bots and application vulnerabilities. Identify which of the following AWS services can accomplish this.

Show Suggested Answer Hide Answer
Suggested Answer: B

To effectively overcome shadow IT and unwarranted usage of cloud resources at FinTech Inc., the organization should implement cloud governance.

1.Cloud Governance Defined: Cloud governance is a set of rules and policies that govern the use of cloud resources. It ensures that the IT infrastructure is used in a way that aligns with the company's strategic goals, compliance requirements, and security standards1.

1.Addressing Shadow IT:

oPolicy Creation: Establish clear policies regarding the use of cloud services and the procurement of IT resources.

oEnforcement Mechanisms: Implement controls to enforce these policies, such as requiring approval for new cloud services or software.

oEducation and Training: Educate employees about the risks associated with shadow IT and the importance of following IT department rules.

oMonitoring and Reporting: Use tools to monitor cloud usage and report on compliance with governance policies.

1.Benefits of Cloud Governance:

oControl and Visibility: Provides better control over IT resources and visibility into how they are being used.

oCost Management: Helps prevent unnecessary spending on unapproved cloud services.

oSecurity and Compliance: Ensures that cloud services are used in a secure and compliant manner, reducing the risk of breaches.


Microsoft Learn: Discover and manage Shadow IT1.

CrowdStrike: What is Shadow IT? Defining Risks & Benefits2.

Microsoft Security Blog: Top 10 actions to secure your environment3.

SC Magazine: Stop chasing shadow IT: Tackle the root causes of cloud breaches4.

by Roslyn at Jul 16, 2024, 06:51 PM

Limited Time Offer

25%

Off

Get Premium 312-40 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Joni
3 months ago
Wait, 15,500 to 250,000 rps? How is that even possible?
upvoted 0 times
...
Bette
3 months ago
I disagree, I think Amazon CloudFront could also help with this.
upvoted 0 times
...
Vallie
3 months ago
I thought DDoS attacks were getting less common, guess I was wrong!
upvoted 0 times
...
Javier
4 months ago
Pretty sure AWS Shield Standard is the right service for DDoS protection.
upvoted 0 times
...
Jesusita
4 months ago
That's insane! 250,000 rps in just 10 minutes!
upvoted 0 times
...
Shoshana
4 months ago
I’m a bit confused; I thought AWS EBS was more about storage solutions, not DDoS protection.
upvoted 0 times
...
Emelda
4 months ago
I practiced a similar question, and I think AWS Shield Standard is the right choice since it provides automatic protection against DDoS attacks.
upvoted 0 times
...
Michal
4 months ago
I’m not entirely sure, but I feel like Amazon CloudFront could help with distributing traffic and absorbing some of the load.
upvoted 0 times
...
Lacresha
5 months ago
I remember studying DDoS mitigation strategies, and I think AWS Shield Standard is specifically designed for that kind of attack.
upvoted 0 times
...
Matthew
5 months ago
I've got a good feeling about this. Based on the details provided, AWS Shield Standard seems like the service that can handle this type of large-scale, layer 7 DDoS attack.
upvoted 0 times
...
Stephaine
5 months ago
Okay, the key here is identifying the AWS service that can sense and mitigate DDoS attacks, as well as protect against bad bots and application vulnerabilities. I'm thinking CloudFront or AWS Shield Standard.
upvoted 0 times
...
Javier
5 months ago
Hmm, I'm a bit confused by the details here. I'll need to carefully read through the question and think it through step-by-step.
upvoted 0 times
...
Lai
5 months ago
This seems like a pretty straightforward DDoS mitigation question. I'm pretty confident I can figure this out.
upvoted 0 times
...
Peggie
5 months ago
This is a tricky one. I'll need to review my notes on AWS DDoS protection services to make sure I choose the right option.
upvoted 0 times
...
Kanisha
5 months ago
Okay, I've got a strategy here. I'll start by eliminating the options that don't seem directly related to the SMTP integration problem, then focus on the one that seems most likely to provide the needed troubleshooting information.
upvoted 0 times
...
Vincent
5 months ago
This question requires some technical knowledge about Intrusion Detection Systems. I'll need to review my notes to make sure I have a good grasp of their features and limitations.
upvoted 0 times
...
Launa
5 months ago
I'm leaning towards the Disaster Recovery Plan. That's usually the go-to for minimizing disruptions and getting operations back up and running after an incident.
upvoted 0 times
...
Marlon
9 months ago
I hope the AWS team had their coffee that day to handle a DDoS attack that big. Guess they're used to the caffeinated chaos.
upvoted 0 times
Dean
8 months ago
D) AWS EBS
upvoted 0 times
...
Merrilee
8 months ago
I hope they had their coffee ready for that chaos!
upvoted 0 times
...
Maybelle
8 months ago
C) AWS Shield Standard is specifically designed to protect against DDoS attacks.
upvoted 0 times
...
Marjory
8 months ago
B) Amazon CloudFront can help mitigate DDoS attacks.
upvoted 0 times
...
Aretha
9 months ago
I hope they had a strong firewall in place.
upvoted 0 times
...
Elke
9 months ago
C) AWS Shield Standard
upvoted 0 times
...
Leslie
9 months ago
B) Amazon CloudFront
upvoted 0 times
...
...
Leah
10 months ago
AWS Direct Connect? That's for private network connections, not DDoS mitigation. C'mon, this is too easy. AWS Shield Standard is the answer.
upvoted 0 times
Maurine
8 months ago
AWS Shield Standard is specifically designed for protecting against DDoS attacks.
upvoted 0 times
...
Avery
8 months ago
Yeah, AWS Direct Connect is definitely not the right option for this scenario.
upvoted 0 times
...
Quinn
8 months ago
I agree, AWS Shield Standard is the right choice for DDoS mitigation.
upvoted 0 times
...
Daniel
8 months ago
AWS Shield Standard is the way to go for mitigating DDoS attacks on AWS.
upvoted 0 times
...
Shawnee
8 months ago
Yeah, AWS Direct Connect is definitely not the right choice for this scenario.
upvoted 0 times
...
Amie
9 months ago
I agree, AWS Shield Standard is specifically designed for DDoS protection.
upvoted 0 times
...
...
Tammi
10 months ago
AWS EBS? Really? That's for block storage, not DDoS protection. The correct answer has to be AWS Shield Standard.
upvoted 0 times
Ira
10 months ago
Yeah, AWS EBS is definitely not the right choice for mitigating DDoS attacks. AWS Shield Standard is the way to go.
upvoted 0 times
...
Janessa
10 months ago
I think you're right, AWS Shield Standard is the service designed for DDoS protection.
upvoted 0 times
...
...
Regenia
10 months ago
I'm not sure, but I think Amazon CloudFront can also help in preventing DDoS attacks by distributing traffic across multiple servers.
upvoted 0 times
...
Jackie
10 months ago
I'm not sure CloudFront would be the best option, as it's more focused on content delivery than DDoS mitigation. AWS Shield Standard seems like the way to go.
upvoted 0 times
...
Yolando
10 months ago
I agree with Catina, AWS Shield Standard is specifically built for mitigating DDoS attacks.
upvoted 0 times
...
Catina
11 months ago
I think the answer is C) AWS Shield Standard because it is designed to protect against DDoS attacks.
upvoted 0 times
...
Salome
11 months ago
AWS Shield Standard seems like the obvious choice here. It's designed to protect against DDoS attacks and can handle large-scale attacks like the one described.
upvoted 0 times
Daron
9 months ago
It's good to know that AWS has services like this to handle such large-scale attacks.
upvoted 0 times
...
Bambi
9 months ago
Yes, AWS Shield Standard is specifically built for protecting against DDoS attacks.
upvoted 0 times
...
Nana
10 months ago
I think AWS Shield Standard is the right choice too.
upvoted 0 times
...
Martina
10 months ago
C) AWS Shield Standard
upvoted 0 times
...
...

Save Cancel