ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 504 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C02
Question #: 504
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C02 Questions]

A financial company hosts a web application on AWS. The application uses an Amazon API Gateway Regional API endpoint to give users the ability to retrieve current stock prices. The company's security team has noticed an increase in the number of API requests. The security team is concerned that HTTP flood attacks might take the application offline.
A solutions architect must design a solution to protect the application from this type of attack.
Which solution meets these requirements with the LEAST operational overhead?

  • A. Create an Amazon CloudFront distribution in front of the API Gateway Regional API endpoint with a maximum TTL of 24 hours.
  • B. Create a Regional AWS WAF web ACL with a rate-based rule. Associate the web ACL with the API Gateway stage.
  • C. Use Amazon CloudWatch metrics to monitor the Count metric and alert the security team when the predefined rate is reached.
  • D. Create an Amazon CloudFront distribution with Lambda@Edge in front of the API Gateway Regional API endpoint. Create an AWS Lambda function to block requests from IP addresses that exceed the predefined rate.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by CobraBoy at Aug. 30, 2021, 2:17 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
patriktre
Highly Voted 3 years, 8 months ago
B is correct. https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-aws-waf.html
upvoted 34 times
...
CobraBoy
Highly Voted 3 years, 8 months ago
B is the ansyer, WAF = https://aws.amazon.com/waf/
upvoted 15 times
...
thanhch
Most Recent 2 years, 5 months ago
B is correct. We can use rate-based rule to specific the number of request that are accepted by each client ip.
upvoted 1 times
...
queen101
2 years, 10 months ago
WAF....BBBBBBBBBBBBB
upvoted 1 times
...
Alfene
2 years, 10 months ago
I vote B
upvoted 1 times
...
marklovesaws143
2 years, 10 months ago
Selected Answer: B
BBBBBBBBBBBB
upvoted 1 times
...
MAHP
2 years, 11 months ago
Vote B
upvoted 1 times
...
slcheng
2 years, 11 months ago
Selected Answer: B
Vote B
upvoted 1 times
...
awsnoobster
3 years, 3 months ago
B - AWS WAF is a web application firewall that helps protect web applications and APIs from attacks.
upvoted 2 times
...
Rightsaidfred
3 years, 3 months ago
B all the way!
upvoted 1 times
...
SmartDude
3 years, 4 months ago
Selected Answer: B
B it is.
upvoted 1 times
...
mtyj
3 years, 4 months ago
Selected Answer: B
B is the correct answer
upvoted 1 times
...
SOA93
3 years, 5 months ago
Selected Answer: B
B IS CORRECT
upvoted 1 times
...
weilun_tann
3 years, 5 months ago
B - Question is asking for DDoS protection - API Gateway throttles requests by default (https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html) - We need AWS Shield or WAF - https://aws.amazon.com/blogs/security/how-to-protect-dynamic-web-applications-against-ddos-attacks-by-using-amazon-cloudfront-and-amazon-route-53/
upvoted 1 times
...
aprendiendo
3 years, 5 months ago
Rta B: AWS WAF es un firewall de aplicaciones web que ayuda a proteger las aplicaciones web y las API de ataques. Le permite configurar un conjunto de reglas (denominadas lista de control de acceso web (Web ACL)) que permiten, bloquean o cuentan solicitudes web en función de las reglas y condiciones de seguridad web personalizables que defina.
upvoted 1 times
TheBengiDog
2 years, 9 months ago
nacho taco chimichanga
upvoted 1 times
...
...
monazir
3 years, 5 months ago
B for me
upvoted 1 times
...
prex
3 years, 5 months ago
for me is B
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel