A Website currently runs on Amazon EC2, with mostly static content on the site. Recently, the site was subjected to a DDoS attack, and a Security Engineer was tasked with redesigning the edge security to help mitigate this risk in the future.
What are some ways the Engineer could achieve this? (Choose three.)
A. Use AWS X-Ray to inspect the traffic going to the EC2 instances.
B. Move the static content to Amazon S3, and front this with an Amazon CloudFront distribution.
C. Change the security group configuration to block the source of the attack traffic.
D. Use AWS WAF security rules to inspect the inbound traffic.
E. Use Amazon Inspector assessment templates to inspect the inbound traffic.
F. Use Amazon Route 53 to distribute traffic.
Please be careful: correct answer is B,D,F.
My 2 pennies of wisdom:
For the proposed answer X-RAY and Inspector have nothing to do with DDoS protection.