Creating Amazon CloudWatch Alarms for AWS Shield Advanced Metrics

Creating Amazon CloudWatch Alarms

Question

A multi-national company has deployed its web application servers on Amazon EC2 instances.

This company is subscribed to AWS Shield Advanced to protect against DDoS attacks and wants to be notified when any malicious activity occurs.

You have been assigned to create an Amazon CloudWatch alarm using AWS Shield Advanced metrics. What is the correct way of creating these alarms?

Answers

Explanations


A. B. C. D.

Correct Answer: A.

When creating Amazon CloudWatch alarms using AWS Shield Advanced metrics, the following steps need to be followed:

  1. Create an alarm in the Amazon CloudWatch console.
  2. Choose “AWSDDOSProtectionMetrics”, which are only available for AWS Shield Advanced.

Option B is incorrect because when creating CloudWatch alarms using AWS Shield metrics, AWSDDOSProtectionMetrics needs to be selected, not DDoSDetected.

Option C is incorrect because when creating CloudWatch alarms using AWS Shield metrics, AWSDDOSProtectionMetrics needs to be selected first, and only then can any other metric be selected.

Option D is incorrect because when creating CloudWatch alarms using AWS Shield metrics, AWSDDOSProtectionMetrics needs to be selected first, and only then can any other metric be selected.

For more information on AWS Shield, refer to the following URL:

https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#set-ddos-alarms

The correct way to create an Amazon CloudWatch alarm from AWS Shield Advanced metrics, so that the company is notified of malicious activity against its web application servers on Amazon EC2 instances, is to choose the DDoSDetected metric.

AWS Shield Advanced is a managed DDoS protection service that provides enhanced detection and mitigation against DDoS attacks. It automatically detects and mitigates attacks by using AWS-managed mitigation techniques, including advanced networking and application-level traffic filtering.

Amazon CloudWatch is a monitoring service that lets you collect and monitor metrics and log files and set alarms on them. You can use CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health.

To create an Amazon CloudWatch alarm using AWS Shield Advanced metrics, you need to follow these steps:

  1. Log in to the AWS Management Console.
  2. Open the CloudWatch console.
  3. Choose the AWS Region where your resources are located.
  4. In the navigation pane, choose Alarms.
  5. Choose Create alarm.
  6. In the Create Alarm wizard, choose the DDoSDetected metric from the list of available metrics.
  7. Set the conditions for the alarm, such as the threshold for the number of DDoS attacks detected.
  8. Choose the actions to take when the alarm is triggered, such as sending a notification to an email address or an SMS message.
  9. Choose Create alarm to create the alarm.

The DDoSDetected metric indicates the number of DDoS attacks detected by AWS Shield Advanced. When the number of DDoS attacks detected exceeds the threshold set for the alarm, the alarm is triggered, and the chosen action is taken.
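The console steps above can also be expressed as an API call. The following is an added example, not part of the original question or of AWS's own documentation: it builds the `put_metric_alarm` parameters for a DDoSDetected alarm and mimics how CloudWatch evaluates them over a series of one-minute datapoints. Shield Advanced publishes its metrics in the `AWS/DDoSProtection` namespace with a `ResourceArn` dimension; the resource and SNS topic ARNs, the `evaluate` helper, and the datapoint series are constructed for illustration. Because DDoSDetected is reported as 1 while an event is in progress and 0 otherwise, the alarm uses `Sum >= 1` over a single period, and treats missing data as not breaching so that a quiet metric does not page anyone.

```python
"""Build and evaluate a CloudWatch alarm on the AWS Shield Advanced DDoSDetected metric."""
import json
from typing import List, Optional

# Shield Advanced metric location (namespace, metric and dimension names as published by AWS).
SHIELD_NAMESPACE = "AWS/DDoSProtection"
METRIC_NAME = "DDoSDetected"
DIMENSION_NAME = "ResourceArn"

_OPERATORS = {
    "GreaterThanOrEqualToThreshold": lambda v, t: v >= t,
    "GreaterThanThreshold": lambda v, t: v > t,
    "LessThanOrEqualToThreshold": lambda v, t: v <= t,
    "LessThanThreshold": lambda v, t: v < t,
}


def ddos_detected_alarm(resource_arn: str, sns_topic_arn: str,
                        alarm_name: Optional[str] = None) -> dict:
    """Return the keyword arguments for CloudWatch.Client.put_metric_alarm.

    One 1-minute period with Sum >= 1 is enough: DDoSDetected is 1 during an event, 0 otherwise.
    """
    return {
        "AlarmName": alarm_name or f"shield-ddos-detected-{resource_arn.rsplit('/', 1)[-1]}",
        "AlarmDescription": "AWS Shield Advanced detected a DDoS event on the protected resource",
        "Namespace": SHIELD_NAMESPACE,
        "MetricName": METRIC_NAME,
        "Dimensions": [{"Name": DIMENSION_NAME, "Value": resource_arn}],
        "Statistic": "Sum",
        "Period": 60,
        "EvaluationPeriods": 1,
        "DatapointsToAlarm": 1,
        "Threshold": 1,
        "ComparisonOperator": "GreaterThanOrEqualToThreshold",
        "TreatMissingData": "notBreaching",  # no datapoints means no attack; do not page
        "AlarmActions": [sns_topic_arn],
        "OKActions": [sns_topic_arn],  # also notify when the event ends
    }


def evaluate(alarm: dict, datapoints: List[float]) -> str:
    """Mimic CloudWatch's evaluation of `alarm` over per-period Sum values (oldest first).

    Returns "ALARM", "OK" or "INSUFFICIENT_DATA". This is a simplified local model of the
    alarm logic, not a CloudWatch API.
    """
    periods = alarm["EvaluationPeriods"]
    window = list(datapoints)[-periods:]  # only the most recent EvaluationPeriods matter
    missing_policy = alarm.get("TreatMissingData", "missing")
    if not window and missing_policy == "missing":
        return "INSUFFICIENT_DATA"
    breaches = _OPERATORS[alarm["ComparisonOperator"]]
    breaching = sum(1 for value in window if breaches(value, alarm["Threshold"]))
    if missing_policy == "breaching":
        breaching += periods - len(window)  # missing periods count against us
    return "ALARM" if breaching >= alarm["DatapointsToAlarm"] else "OK"


def create_alarm(resource_arn: str, sns_topic_arn: str, client=None) -> str:
    """Create the alarm in the current account/region. Needs boto3 and AWS credentials."""
    import boto3  # imported lazily so the helpers above run without the SDK installed
    cloudwatch = client or boto3.client("cloudwatch")
    params = ddos_detected_alarm(resource_arn, sns_topic_arn)
    cloudwatch.put_metric_alarm(**params)
    return params["AlarmName"]


if __name__ == "__main__":
    # Constructed ARNs for illustration; replace with the protected resource and your SNS topic.
    eip_arn = "arn:aws:ec2:us-east-1:123456789012:eip-allocation/eipalloc-0abc"
    topic_arn = "arn:aws:sns:us-east-1:123456789012:ddos-alerts"
    alarm = ddos_detected_alarm(eip_arn, topic_arn)
    print(json.dumps(alarm, indent=2))
    # Constructed minute-by-minute DDoSDetected sums: quiet, quiet, quiet, then an event.
    print(evaluate(alarm, [0, 0, 0, 1]))  # ALARM
    print(evaluate(alarm, [1, 0]))        # OK: the most recent period is clean
    print(evaluate(alarm, []))            # OK: missing data treated as not breaching
```

Running the script only prints the alarm definition and the simulated states; call `create_alarm` with real ARNs to actually create the alarm. A useful check after deployment is to confirm the alarm is in `OK` rather than `INSUFFICIENT_DATA`, which is what the `notBreaching` setting guarantees for a resource that has never seen an event.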

Therefore, the correct answer is B. Create an alarm in the CloudWatch console and then choose DDoSDetected.