Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 721 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 721
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

A company is developing a web application that runs on Amazon EC2 instances in an Auto Scaling group behind a public-facing Application Load Balancer (ALB).
Only users from a specific country are allowed to access the application. The company needs the ability to log the access requests that have been blocked. The solution should require the least possible maintenance.
Which solution meets these requirements?

  • A. Create an IPSet containing a list of IP ranges that belong to the specified country. Create an AWS WAF web ACL. Configure a rule to block any requests that do not originate from an IP range in the IPSet. Associate the rule with the web ACL. Associate the web ACL with the ALB.
  • B. Create an AWS WAF web ACL. Configure a rule to block any requests that do not originate from the specified country. Associate the rule with the web ACL. Associate the web ACL with the ALB.
  • C. Configure AWS Shield to block any requests that do not originate from the specified country. Associate AWS Shield with the ALB.
  • D. Create a security group rule that allows ports 80 and 443 from IP ranges that belong to the specified country. Associate the security group with the ALB.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Jaypdv at April 30, 2021, 11:56 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
oxfordsolutions
Highly Voted 3 years ago
Correct Answer: B
upvoted 13 times
gsw
3 years ago
how is it B?
upvoted 1 times
jduo
3 years ago
https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html
upvoted 3 times
...
...
DashL
2 years, 11 months ago
If you want to allow or block web requests based on the country that the requests originate from, create one or more geo match conditions. A geo match condition lists countries that your requests originate from. Later in the process, when you create a web ACL, you specify whether to allow or block requests from those countries.
upvoted 4 times
...
...
jj22222
Most Recent 2 years, 8 months ago
B looks right
upvoted 2 times
...
Devgela
2 years, 8 months ago
Selected Answer: B
B is the correct answer for me
upvoted 2 times
...
tkanmani76
2 years, 9 months ago
B - https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html
upvoted 1 times
...
cldy
2 years, 9 months ago
B. Create an AWS WAF web ACL. Configure a rule to block any requests that do not originate from the specified country. Associate the rule with the web ACL. Associate the web ACL with the ALB.
upvoted 2 times
...
AzureDP900
2 years, 10 months ago
B is right. Option A provided to confuse you!
upvoted 1 times
...
acloudguru
2 years, 10 months ago
Selected Answer: B
WAF is designed to serve this case, for A making a IP list is impossible. AWS has such list, and can ganrutee 99.8% accurate, how can a company do it?
upvoted 1 times
...
AzureDP900
2 years, 10 months ago
B completely make sense. A is wrong answer.
upvoted 1 times
...
andylogan
2 years, 11 months ago
It's B
upvoted 1 times
...
tgv
2 years, 11 months ago
BBB ---
upvoted 1 times
...
blackgamer
2 years, 11 months ago
It is B
upvoted 1 times
...
Kopa
2 years, 11 months ago
Im for B
upvoted 1 times
...
WhyIronMan
2 years, 11 months ago
I'll go with B
upvoted 3 times
...
vimgoru24
2 years, 11 months ago
It’s B. You should not manage IP lists in this case
upvoted 1 times
...
hk436
2 years, 11 months ago
B is my answer!!
upvoted 1 times
...
Waiweng
2 years, 12 months ago
it's B
upvoted 3 times
...
tvs
3 years ago
B https://aws.amazon.com/blogs/aws/aws-web-application-firewall-waf-for-application-load-balancers/
upvoted 1 times
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel