A company wants to implement a defense-in-depth strategy for a web application hosted on AWS. Which TWO services should they use to protect against common web exploits and DDoS attacks?
WAF protects against web exploits.
Why this answer
Option A and C are correct: AWS WAF protects against web exploits like SQL injection, and AWS Shield Advanced provides enhanced DDoS protection. Option B is wrong because Network Firewall is for network-level filtering, not specifically web exploits. Option D is wrong because GuardDuty is for threat detection, not inline prevention.
Option E is wrong because Inspector is for vulnerability scanning.