Multiple Choice
A company's web application is deployed on Amazon EC2 instances behind a public Application Load Balancer. The application flags malicious requests and uses an AWS Lambda function to add the offending IP addresses to the network ACL to block any further requests for 24 hours. Recently, the application has been receiving more malicious requests, which causes the network ACL to reach its limit of allowed entries. Which action should be taken to block more IP addresses, without compromising the existing security requirements?
A) Update the AWS Lambda function to remove blocked entries from the network ACL after 2 hours.
B) Update the AWS Lambda function to block malicious IPs in security groups rather than the network ACL.
C) Update the AWS Lambda function to block malicious IPs in AWS WAF attached to the Application Load Balancer.
D) Update the AWS Lambda function to add an additional network ACL to the subnets once the limit for the previous ones has been reached.
Correct Answer:
Verified
Correct Answer:
Verified
Q28: You are auditing an AWS infrastructure after
Q29: In the context of Amazon CloudFront Actions,
Q30: In AWS, which service provides a reliable
Q31: A company has an AWS Direct Connect
Q32: After setting an AWS Direct Connect, which
Q34: Select the answer/s that correctly state how
Q35: A Lambda function needs to access the
Q36: An architecture is being designed to support
Q37: You need to set up an Amazon
Q38: A company with several VPCs in the