A company has implemented a self-managed DNS service on AWS. The solution consists of the following: • Amazon EC2 instances in different AWS Regions • Endpoints of a standard accelerator in AWS Global Accelerator The company wants to protect the solution against DDoS attacks. What should a solutions architect do to meet this requirement?
ASubscribe to AWS Shield Advanced. Add the accelerator as a resource to protect.
BSubscribe to AWS Shield Advanced. Add the EC2 instances as resources to protect.
CCreate an AWS WAF web ACL that includes a rate-based rule. Associate the web ACL with the accelerator.
DCreate an AWS WAF web ACL that includes a rate-based rule. Associate the web ACL with the EC2 instances.