Exam AWS-SysOps topic 1 question 814 discussion

Exam question from Amazon's AWS-SysOps

Question #: 814
Topic #: 1

A company has a web application that is used across all company divisions. Each application request contains a header that includes the name of the division making the request. The SysOps Administrator wants to identify and count the requests from each division.
Which condition should be added to the web ACL of the AWS WAF to accomplish this?

A. Cross-site scripting
B. Geo match
C. IP match
D. String match

Show Suggested Answer

Suggested Answer: D 🗳️

by kung07 at May 10, 2020, 9:57 a.m.

Disclaimers:

- ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Submit Cancel

kung07

Highly Voted 2 years, 9 months ago

D seems to make more sense, as the IP addresses are unknown Refer to https://docs.aws.amazon.com/waf/latest/developerguide/web-acl.html

upvoted 16 times

...

AWS_Noob

Highly Voted 2 years, 9 months ago

D - keyword here being "header:

upvoted 6 times

...

albert_kuo

Most Recent 11 months, 2 weeks ago

Selected Answer: D

String match allows you to match specific strings in the request headers, query strings, or body content. In this case, the Administrator can configure a String match condition to look for the specific header that includes the name of the division in each application request. When the WAF encounters a request with the specified header value, it will trigger the associated rule, and you can use the WAF logs to count the number of requests coming from each division.

upvoted 1 times

...