Exam AWS Certified Security - Specialty topic 1 question 259 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 259
Topic #: 1

A company is hosting a web application on Amazon EC2 instances behind an Application Load Balancer (ALB). The application has become the target of a DoS attack. Application logging shows that requests are coming from a small number of client IP addresses, but the addresses change regularly.
The company needs to block the malicious traffic with a solution that requires the least amount of ongoing effort.
Which solution meets these requirements?

  • A. Create an AWS WAF rate-based rule, and attach it to the ALB.
  • B. Update the security group that is attached to the ALB to block the attacking IP addresses.
  • C. Update the ALB subnet's network ACL to block the attacking client IP addresses.
  • D. Create an AWS WAF rate-based rule, and attach it to the security group of the EC2 instances.
Suggested Answer: A 🗳️
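
Option A written out as a CloudFormation template. This is an added example, not part of the original question or discussion; the resource names, metric names, the `AlbArn` parameter and the 1000-request limit are assumptions.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Added example - AWS WAF rate-based rule in front of an existing ALB.

Parameters:
  AlbArn:
    Type: String
    Description: ARN of the existing Application Load Balancer (assumed input).

Resources:
  RateLimitWebACL:
    Type: AWS::WAFv2::WebACL
    Properties:
      Name: alb-rate-limit            # assumed name
      Scope: REGIONAL                 # REGIONAL scope is used for an ALB
      DefaultAction:
        Allow: {}                     # clients under the limit pass through
      VisibilityConfig:
        SampledRequestsEnabled: true
        CloudWatchMetricsEnabled: true
        MetricName: albRateLimitAcl
      Rules:
        - Name: block-high-rate-clients
          Priority: 0
          Action:
            Block: {}
          Statement:
            RateBasedStatement:
              # Requests allowed per source IP in the rolling evaluation
              # window (5 minutes by default). 1000 is an assumed value;
              # size it from the application's normal per-client rate.
              Limit: 1000
              AggregateKeyType: IP
          VisibilityConfig:
            SampledRequestsEnabled: true
            CloudWatchMetricsEnabled: true
            MetricName: blockHighRateClients

  # The web ACL is associated with the ALB itself, not with a security
  # group or an EC2 instance.
  AlbAssociation:
    Type: AWS::WAFv2::WebACLAssociation
    Properties:
      ResourceArn: !Ref AlbArn
      WebACLArn: !GetAtt RateLimitWebACL.Arn
```

Because the rule keys on each source IP's request rate, a newly appearing address is blocked once it exceeds the limit and released when its rate drops, with no address list to maintain.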

Comments

hk436
Highly Voted 3 years, 8 months ago
A is my answer!
upvoted 14 times
...
kiev
Highly Voted 3 years, 9 months ago
A is the right answer. WAF can be attached to ALB, CLOUDFRONT OR COGNITO
upvoted 8 times
mx677
3 years, 3 months ago
you probably mean api gw
upvoted 1 times
...
...
Raphaello
Most Recent 1 year, 4 months ago
Selected Answer: A
A WAF rate-based rule and attach it to ALB.
upvoted 1 times
...
dcasabona
2 years, 11 months ago
Selected Answer: A
Option A.
upvoted 2 times
...
sapien45
2 years, 11 months ago
Selected Answer: A
I am a simple man, I read DDOS on EC2, I think AWS WAF rate-based rule with ALB
upvoted 3 times
...
lotfi50
3 years ago
Selected Answer: A
A is the answer
upvoted 2 times
...
ankitja999
3 years ago
A is the right answer, as WAF cannot be attached to an EC2 SG.
upvoted 1 times
...
HananS
3 years, 1 month ago
A is the answer. You can't attach WAF to an EC2 instance, you only attach EC2 instance to ALB, CloudFront
upvoted 1 times
...
mongiam
3 years, 1 month ago
Selected Answer: A
A is the answer, attach WAF to ALB
upvoted 1 times
...
TigerInTheCloud
3 years, 2 months ago
Selected Answer: D
Very simple but hard to choose. What does a limited number of client IP addresses mean? If it means a handful or even many but in a handful of CIDRs, NACL denying is a simple and effective way. If it is more than a handful, the WAF rate-based rule is the way to go. As it mentioned "DDoS", I go WAF. AWS does not list NACL as a tool for fighting DDoS
upvoted 1 times
TigerInTheCloud
3 years, 2 months ago
So, I should vote on A
upvoted 1 times
...
...
Radhaghosh
3 years, 5 months ago
Option is A Question Says --> "limited number of client IP addresses that change on a frequent basis. The organization needs to prevent harmful traffic with the least amount of continuing work possible." Answer --> WAF Rate Based Rule either in ALB or CloudFront. In this case ALB
upvoted 1 times
...
sam_live
3 years, 5 months ago
The question says limited number of client IP addresses. Although they change, the IP addresses are known. Therefore they can be blocked by NACL. I would go with option C.
upvoted 3 times
f4bi4n
3 years, 2 months ago
but keep this in mind: with the least amount of continuing work possible. so it's A but they can still kill your website because a rate-based rule takes 5 min to block...
upvoted 1 times
...
...
banderdash
3 years, 9 months ago
The answer is A
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other