A company maintains a restaurant review website. The website is a single-page application where files are stored in Amazon S3 and delivered using Amazon CloudFront. The company receives several fake postings every day that are manually removed. The security team has identified that most of the fake posts are from bots with IP addresses that have a bad reputation within the same global region. The team needs to create a solution to help restrict the bots from accessing the website. Which strategy should a solutions architect use?
A) Use AWS Firewall Manage to control the CloudFront distribution security settings. Create a geographical block rule and associate it with Firewall Manager.
B) Associate an AWS WAF web ACL with the CloudFront distribution. Select the managed Amazon IP reputation rule group for the web ACL with a deny action.
C) Use AWS Firewall Manager to control the CloudFront distribution security settings. Select the managed Amazon IP reputation rule group and associate it with Firewall Manager with a deny action.
D) Associate an AWS WAF web ACL with the CloudFront distribution. Create a rule group for the web ACL with a geographical match statement with a deny action.
Correct Answer:
Verified
Q796: A large company is running a popular
Q797: A company is running its AWS infrastructure
Q798: A company is running multiple workloads in
Q799: A company runs an application on AWS.
Q800: A company hosts a large on-premises MySQL
Q802: A company is running a line-of-business (LOB)
Q803: To serve Web traffic for a popular
Q804: A large company in Europe plans to
Q805: A company wants to host its website
Q806: Your fortune 500 company has under taken
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents