Multiple Choice
A company website runs on Amazon EC2 instances behind an Application Load Balancer (ALB) . The instances run in an Auto Scaling group across multiple Availability Zones. There is an Amazon CloudFront distribution in front of the ALB. Users are reporting performance problems. A security engineer discovers that the website is receiving a high rate of unwanted requests to the CloudFront distribution originating from a series of source IP addresses. How should the security engineer address this problem?
A) Using AWS Shield, configure a deny rule with an IP match condition containing the source IPs of the unwanted requests.
B) Using Auto Scaling, configure the maximum an instance value to an increased count that will absorb the unwanted requests.
C) Using an Amazon VPC NACL, configure an inbound deny rule for each source IP CIDR address of the unwanted requests.
D) Using AWS WAF, configure a web ACL rate-based rule on the CloudFront distribution with a rate limit below that of the unwanted requests.
Correct Answer:
Verified
Correct Answer:
Verified
Q84: The Security Engineer for a mobile game
Q85: A recent security audit found that AWS
Q86: An audit determined that a company's Amazon
Q87: An organization wants to log all AWS
Q88: Example.com is hosted on Amazon EC2 instance
Q90: A company's Information Security team wants to
Q91: A company uses AWS CodePipeline for its
Q92: A company is running an application on
Q93: A company is designing the security architecture
Q94: A company needs its Amazon Elastic Block