A company is hosting a web application that is sitting behind an Application Load Balancer. The IT Security team needs to respond to possible layer 7 DDoS attacks in the most efficient time possible. Which of the following 2 actions can help achieve this?

Answer options:

A.Use the AWS WAF service and set up ACLs to respond to the DDoS attacks.
B.Use the AWS Shield Advanced service to protect against the DDoS attacks.
C.Enable AWS Shield and engage the AWS DDoS Response Team (DRT).
D.Use AWS GuardDuty.

Answer: A and B
AWS Docs provides the following details.
If DDoS alarms in CloudWatch indicate a possible layer 7 attacks, you have two options.
· Investigate and mitigate the attack on your own: If you determine that activity represents a DDoS attack, you can create your own AWS WAF rules to mitigate the attack. AWS WAF is included with AWS Shield Advanced at no additional cost. AWS provides pre-configured templates to get you started quickly.
· If you are an AWS Shield Advanced customer, you also have the option of contacting the AWS Support Center: If you want assistance in applying mitigations, you can contact the AWS Support Center. Critical and urgent cases are routed directly to DDoS experts. With AWS Shield Advanced, complex cases can be escalated to the DRT, which has deep experience in protecting AWS, Amazon.com, and its subsidiaries.
Option C is incorrect because AWS Shield is enabled by default and you need to enable AWS Shield Advanced to engage AWS DDoS Response Team (DRT).
Option D is incorrect because GuardDuty detects unauthorized and unexpected activities in your AWS environment. It does not help to respond to layer 7 DDoS attacks.
For more information on responding to DDoS attacks, please visit the below URL
https://docs.aws.amazon.com/waf/latest/developerguide/ddos-responding.html