ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified SysOps Administrator - Associate All Questions

View all questions & answers for the AWS Certified SysOps Administrator - Associate exam
Go to Exam

Exam AWS Certified SysOps Administrator - Associate topic 1 question 361 discussion

Exam question from Amazon's AWS Certified SysOps Administrator - Associate
Question #: 361
Topic #: 1
[All AWS Certified SysOps Administrator - Associate Questions]

A developer creates a web application that runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances are in an Auto Scaling group. The developer reviews the deployment and notices some suspicious traffic to the application. The traffic is malicious and is coming from a single public IP address. A SysOps administrator must block the public IP address.

Which solution will meet this requirement?

  • A. Create a security group rule to deny all inbound traffic from the suspicious IP address. Associate the security group with the ALB.
  • B. Implement Amazon Detective to monitor traffic and to block malicious activity from the internet. Configure Detective to integrate with the ALB.
  • C. Implement AWS Resource Access Manager (AWS RAM) to manage traffic rules and to block malicious activity from the internet. Associate AWS RAM with the ALB.
  • D. Add the malicious IP address to an IP set in AWS WAF. Create a web ACL. Include an IP set rule with the action set to BLOCK. Associate the web ACL with the ALB.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by jas26says at June 24, 2023, 3:02 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rdiaz
Highly Voted 2 years ago
Selected Answer: D
D waf. “A” cannot be because security groups do not have deny rules.
upvoted 10 times
...
[Removed]
Highly Voted 1 year, 11 months ago
D. Add the malicious IP address to an IP set in AWS WAF. Create a web ACL. Include an IP set rule with the action set to BLOCK. Associate the web ACL with the ALB.
upvoted 5 times
...
james2033
Most Recent 12 months ago
Selected Answer: D
a single malicious public IP address --> AWS WAF (Web Application Firewall) --> D.
upvoted 1 times
...
joshnort
1 year, 2 months ago
Selected Answer: D
D: Add the malicious IP address to an IP set in AWS WAF. Create a web ACL. Include an IP set rule with the action set to BLOCK. Associate the web ACL with the ALB. AWS Web Application Firewall (WAF) allows you to create rules to control which traffic is allowed or blocked to your web applications. By creating an IP set containing the malicious IP address and associating it with a web ACL with a BLOCK action, you effectively block the IP address from reaching the ALB. https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html (A) is wrong because Security Groups don't have Deny Rules.
upvoted 1 times
...
Pete987
2 years ago
Selected Answer: D
S: WAF for blocking IP address
upvoted 4 times
...
Warza
2 years ago
Selected Answer: D
D. meets ALL requirements for the question
upvoted 5 times
...
jas26says
2 years ago
Selected Answer: A
Ans is A
upvoted 1 times
jas26says
1 year, 12 months ago
Sorry, it´s D
upvoted 2 times
...
Zotarix
1 year, 11 months ago
Security Groups only allows traffic to your resources, you can't block traffic using Security Groups. https://docs.aws.amazon.com/vpc/latest/userguide/security-groups.html
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel