A company is observing frequent bursts of unusual traffic to its corporate website. The IP address ranges that inflate the requests keep changing, and the volumes of traffic are increasing. A security engineer needs to implement a solution to protect the website from a potential DDoS attack. The solution must rack the rate of requests from IP addresses. When the requests from a particular IP address exceed a specific rate, the solution must limit the amount of traffic that can reach the website from that IP address. Which solution will meet these requirements?

Topic #: - All AWS Certified Security - Specialty Questions

A. Setup Amazon Inspector on the backend servers. Create assessment targets with a rate-based configuration to block any offending IP address.
B. Create a rate-based rule in AWS WAF to block an IP address when that IP address exceeds the configured threshold rate. Most Voted
C. Identity the offending client IP address ranges. Create a regular rule in AWS WAF to block the offending IP address ranges.
D. Create a rate-based rule in Amazon GuardDuty to block an IP address when that IP address exceeds the configured threshold rate

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Share this post

Join the Discussion