SCS-C02 Domain 4: Infrastructure Security

For cost and security, the team must mitigate DDoS. What is the recommended approach? mitigate DDoS.

Multiple choice — select one answer

Answer choices

  1. a. AWS WAF managed rule groups
  2. b. AWS Shield and Route 53 routing policies
  3. c. EC2 Image Builder CIS benchmarks
  4. d. S3 Block Public Access at account level

Architectural breakdown & explanation

Shield Standard is automatic; Advanced adds RTM.

Correct answer(s): b. AWS Shield and Route 53 routing policies

Exam domain: Domain 4: Infrastructure Security (17% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Security – Specialty bank. Run a full timed practice exam with domain-weighted random questions in your browser.