Preventing DDOS attacks involves a lot more than a WordPress security plugin.
Having said that, this plugin can mitigate the effects of DDOS attacks by greatly reducing load on your server by preventing PHP operations and DB queries which are coming from unwanted visitors/bots etc.
The way it does this is via the various firewall rules which work by inserting directives in your .htaccess file which serve to protect your site against particular attacks by stopping them at the Apache server level.
PS: Currently the plugin supports Apache (and Litespeed servers).
We will also introduce nginx support in future.