An education company is running a web application used by college students around the world. The application runs in an Amazon Elastic Container Service (Amazon ECS) cluster in an Auto Scaling group behind an Application Load Balancer (ALB) . A system administrator detects a weekly spike in the number of failed login attempts, which overwhelm the application's authentication service. All the failed login attempts originate from about 500 different IP addresses that change each week. A solutions architect must prevent the failed login attempts from overwhelming the authentication service. Which solution meets these requirements with the MOST operational efficiency?
A) Use AWS Firewall Manager to create a security group and security group policy to deny access from the IP addresses
B) Create an AWS WAF web ACL with a rate-based rule, and set the rule action to Block. Connect the web ACL to the ALB
C) Use AWS Firewall Manager to create a security group and security group policy to allow access only to specific CIDR ranges
D) Create an AWS WAF web ACL with an IP set match rule, and set the rule action to Block. Connect the web ACL to the ALB
Correct Answer:
Verified
Q851: A company is running an application distributed
Q852: Your fortune 500 company has under taken
Q853: A company has implemented an ordering system
Q854: A company is migrating applications from on
Q855: A financial company needs to create a
Q857: A company is migrating its on-premises build
Q858: A solutions architect is building a web
Q859: A company that is developing a mobile
Q860: A company has several applications running in
Q861: A company is running a web application
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents