A company is hosting multiple applications within a single VPC in its AWS account. The applications are running behind an Application Load Balancer that is associated with an AWS WAF web ACL. The company's security team has identified that multiple port scans are originating from a specific range of IP addresses on the internet. A security engineer needs to deny access from the offending IP addresses. Which solution will meet these requirements?
A) Modify the AWS WAF web ACL with an IP set match rule statement to deny incoming requests from the IP address range.
B) Add a rule to all security groups to deny the incoming requests from the IP address range.
C) Modify the AWS WAF web ACL with a rate-based rule statement to deny incoming requests from the IP address range.
D) Configure the AWS WAF web ACL with regex match conditions. Specify a pattern set to deny the incoming requests based on the match condition.
Correct Answer:
Verified
Q237: Two Amazon EC2 instances in different subnets
Q238: A security engineer noticed an anomaly within
Q239: A company's data lake uses Amazon S3
Q240: A company's Chief Security Officer has requested
Q241: An ecommerce website was down for 1 hour
Q243: Users report intermittent availability of a web
Q244: A company is using AWS Organizations to
Q245: A company's architecture requires that its three
Q246: A company's AWS CloudTrail logs are all
Q247: A company needs to encrypt all of
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents