A retail organization has deployed its web application servers within AWS cloud infrastructure. This organization is a part of AWS Shield Advanced and is experiencing an attack on its web servers. The operations team has confirmed that DDoS alarms in Amazon CloudWatch are indicating layer 7 attacks. Management is looking for a way forward to remediate these attacks.
Which is the correct statement for possible actions against these attacks?

Answer options:

A.AWS automatically deploys network ACLs to mitigate layer 7 attacks.
B.Investigate and remediate the layer 7 attacks on your own by creating user-created AWS WAF ACLs.
C.AWS automatically addresses layer 7 attacks by creating security group rules.
D.Contact AWS Support centre to engage AWS Shield Response Team.

Correct Answer: D
If an organization is a part of AWS Shield Advanced and is facing layer 7 attacks, they can contact the AWS support center which can engage DDoS experts or AWS Shield Response Team to mitigate the DDoS attacks.
Option A is incorrect as network ACLs are automatically added in the case of layer 3 and 4 attacks and not for layer 7 attacks.
Option B is incorrect as this is required only when the organization is not a part of AWS Shield advanced support.
Option C is incorrect as AWS automatically addresses layer 3 and 4 attacks and not layer 7 attacks.
For more information on AWS Shield, refer to the following URL,
https://docs.aws.amazon.com/waf/latest/developerguide/ddos-responding.html