CLF-C02 Domain 2: Security and Compliance

Which protects against common DDoS attacks on CloudFront and Route 53 at no extra charge?

Multiple choice — select one answer

Answer choices

  1. a. Rely on AWS Shield Standard alone while omitting the cross-service integration the workload needs, without security or identity team coordination per policy.
  2. b. Configuring security groups on EC2
  3. c. AWS Shield Standard
  4. d. AWS WAF and AWS Shield, using shared credentials instead of individual accountability.

Architectural breakdown & explanation

Shield Standard is automatically included for all customers.

Correct answer(s): c. AWS Shield Standard

Exam domain: Domain 2: Security and Compliance (30% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Cloud Practitioner bank. Run a full timed practice exam with domain-weighted random questions in your browser.