AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 196
A company needs to protect against potential botnet command and control traffic from any Amazon EC2 instances that are in the company's AWS environment.
Which solution will meet these requirements?
Answer options
- A. Use AWS Shield Advanced. Activate Shield Advanced protections on the EC2 instances to filter and block botnet traffic.
- B. Use Amazon Route 53 Resolver DNS Firewall. Add a rule to a rule group to use the AWSManagedDomainsBotnetCommandandControl managed domain list with an action to block botnet traffic.
- C. Use AWS WAF Bot Control. Configure a managed rule group that uses an AWS managed rule set to block botnet traffic.
- D. Use AWS Systems Manager. Run a Systems Manager Automation runbook on the EC2 instances to configure the instances to block botnet traffic.
Correct answer: B
Explanation
The correct answer is B because Amazon Route 53 Resolver DNS Firewall can apply rules that block known botnet command and control domains. Options A, C, and D do not directly block DNS-based botnet traffic, so they do not meet the requirement.