Adding Layers of Defense with AWS Shield While AWS WAF can provide several protections to your CloudFront origins and application load balancers, AWS Shield protects against more complex DDoS attacks, such as volumetric attacks. The following table compares AWS Shield and AWS WAF. Protection from AWS WAF AWS Shield HTTP Floods State-Exhaustion Attacks DNS Query […]

Timers Since DNS is a distributed database, there must be a mechanism to ensure that the data remains fresh in the nonauthoritative servers. When a resolver requests a record, it will store that information locally in case it is needed again. However, if it remains in the local cache, the primary, or authoritative, server may […]

ExamAlert Remember, one of the crucial factors that enables scalability and elasticity is ensuring your resources are disposable. That means any data is always written outside the processing layer. All databases, files, logs, and any kind of output the application generates should always be decoupled from the processing layer. In the exam, different services might […]

Technical requirements You can download the data used in the examples from GitHub, available here: https://github.com/PacktPublishing/AWS-Certified-Machine-Learning-Specialty-MLS-C01-Certification-Guide-Second-Edition/tree/main/Chapter03. Creating ETL jobs on AWS Glue In a modern data pipeline, there are multiple stages, such as generating data, collecting data, storing data, performing ETL, analyzing, and visualizing. In this section, you will cover each of these at a […]

DNS Resolution Process Figure 2.3 illustrates the steps involved with a standard DNS query and the interactions from the different levels of the DNS hierarchy as the client types a URL into a browser window until the IP address is returned. The client types in the browser a web page to load such as www.tipofthehat.com. The […]

One Bill or Multiple Bills By default, when you create a standalone AWS account, you must provide a payment method (for instance, a credit card). For large organizations, it usually doesn’t make sense for them to receive as many bills as they have AWS accounts. They usually demand a consolidated bill across all the accounts […]

Using AWS Web Application Firewall as a Response to Attacks One of the primary purposes of a denial-of-service attack is to make the system being attacked unresponsive. Assets will be protected if you place your applications and web services, along with corresponding load balancers and Content Delivery Networks (CDNs), such as CloudFront, behind a Web […]

Answers 1. Answer: Both the web and database layers are scalable. The application layer is limited in elasticity due to the persistence of the session data on the EC2 instances. Session data should be moved off the EC2 instances. 2. Answer: The bulk image uploads seem to exceed the capacity of the ECS cluster. The application needs […]

Exam Readiness Drill For the first three attempts, don’t worry about the time limit. ATTEMPT 1 The first time, aim for at least 40%. Look at the answers you got wrong and read the relevant sections in the chapter again to fix your learning gaps. ATTEMPT 2 The second time, aim for at least 60%. […]

DDoS Attack Patterns There are many different DDoS attacks that can be used to achieve the end goal of disruption. The following subsections explain a couple of these at a high level to help you understand the principles of DDoS attacks. Note The exam will not test you on the different types of attacks and […]