An e-commerce company's public web API suddenly slows to a crawl. Logs show hundreds of thousands of HTTP requests per second originating from thousands of different IP addresses worldwide. The cloud architect must recommend a control that will keep the application available without blocking legitimate users. Which measure best meets this requirement?
Assign a unique public IP address to each microservice endpoint so traffic is distributed
Enable an automated DDoS mitigation service that detects abnormal traffic patterns and filters malicious requests before they reach the workload
Schedule nightly backups of the API code and data to off-site storage
Apply server-side encryption to the database storage volumes
Automated DDoS mitigation services continuously analyse inbound traffic, compare it to established baselines, and block or rate-limit malicious bursts before they reach the workload, preserving availability during volumetric attacks. Changing IP addresses, encrypting data at rest, or creating backups do not prevent the flood of request traffic itself.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an automated detection feature in this context?
Open an interactive chat with Bash
What are compromised endpoints in network security?
Open an interactive chat with Bash
How does traffic inspection block abnormal volumes of data?