Which of the following techniques can be used to reduce the surface of DDos attacks on your AWS infrastructure. Choose 3 answers from the options given below

Answer options:

A.Use SQS queues to absorb the requests from the attack
B.Deploy a load balancer in front of your computational resource
C.Deploy a cloudfront distribution in front of your computational resource
D.Use NACL’s to control the flow of traffic.

Answer – B,C and D
The AWS documentation mentions the following
One of the first techniques to mitigate DDoS attacks is to minimize the surface area that can be attacked thereby limiting the options for attackers and allowing you to build protections in a single place. We want to ensure that we do not expose our application or resources to ports, protocols or applications from where they do not expect any communication. Thus, minimizing the possible points of attack and letting us concentrate our mitigation efforts. In some cases, you can do this by placing your computation resources behind Content Distribution Networks (CDNs) or Load Balancers and restricting direct Internet traffic to certain parts of your infrastructure like your database servers. In other cases, you can use firewalls or Access Control Lists (ACLs) to control what traffic reaches your applications.
For more information on DDos attack prevention,please refer to the below URL:
https://aws.amazon.com/shield/ddos-attack-protection/