Exam AWS Certified Security - Specialty topic 1 question 272 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 272
Topic #: 1

A company is hosting multiple applications within a single VPC in its AWS account. The applications are running behind an Application Load Balancer that is associated with an AWS WAF web ACL. The company's security team has identified that multiple port scans are originating from a specific range of IP addresses on the internet.
A security engineer needs to deny access from the offending IP addresses.
Which solution will meet these requirements?

  • A. Modify the AWS WAF web ACL with an IP set match rule statement to deny incoming requests from the IP address range.
  • B. Add a rule to all security groups to deny the incoming requests from the IP address range.
  • C. Modify the AWS WAF web ACL with a rate-based rule statement to deny incoming requests from the IP address range.
  • D. Configure the AWS WAF web ACL with regex match conditions. Specify a pattern set to deny the incoming requests based on the match condition.
Suggested Answer: A

Comments

kiev
Highly Voted 3 years, 6 months ago
A is the answer. Note that the IP is known and the question wants us to deny access from that particular address and so we can use IP set match policy of WAF to block access.
upvoted 15 times
...
sapien45
Most Recent 2 years, 7 months ago
Selected Answer: A
Yes, IP set match rule statement is a thing. The IP set match statement inspects the IP address of a web request against a set of IP addresses and address ranges. Use this to allow or block web requests based on the IP addresses that the requests originate from. https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-ipset-match.html
upvoted 1 times
...
dcasabona
2 years, 9 months ago
Selected Answer: A
Option A for me.
upvoted 1 times
...
Appsec977
2 years, 11 months ago
As asked in the question, "must be denied" means the hosts should be blocked. Option D doesn't mean anything close to it, so A is the perfect answer.
upvoted 1 times
...
lotfi50
3 years, 2 months ago
Selected Answer: A
A is the answer for me.
upvoted 1 times
...
Radhaghosh
3 years, 3 months ago
The question asks about "Access from the infringing IP addresses" --> it's determined the IPs are malicious, so rate-based is not required. You can directly block the IP using a Web ACL Block rule.
upvoted 2 times
...
Cloudvin
3 years, 5 months ago
I will go with C
upvoted 1 times
Sec101
3 years, 1 month ago
C would have been for DDoS attack prevention. This is a port scan related issue so the answer is A
upvoted 1 times
...
...
munish3420
3 years, 5 months ago
A is the answer. Reason:
B is not correct because a security group is for EC2 instances and no EC2 is mentioned here.
C is not correct because the issue here is a port scan, not a DDoS attack where the number of requests is increasing and a rate-based rule can help to block the requests coming from any IP.
D is not correct because it is a string in the request that, if it matches, can accept or deny.
A is correct, where we can block the IP set with a condition.
upvoted 4 times
...
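Added example, not part of the original thread and not AWS's own code: the option A rule in the shape a WAFv2 web ACL `Rules` entry takes, plus a simplified local model of why the rate-based rule from option C would not stop a low-volume scanner. The CIDR range, client IPs, rule name, ARN placeholder and the limit of 100 are constructed assumptions, and the rate model ignores the real evaluation window.

```python
import ipaddress

# Constructed sample data: RFC 5737 documentation ranges stand in for the real offenders.
OFFENDING_CIDRS = ["203.0.113.0/24"]
SAMPLE_CLIENT_IPS = ["203.0.113.7", "198.51.100.20", "203.0.113.200", "203.0.113.7"]
# Placeholder ARN; the real value comes from the IP set created in the account.
IP_SET_ARN = "arn:aws:wafv2:REGION:ACCOUNT_ID:regional/ipset/NAME/ID"

def normalize_cidrs(cidrs):
    """Reject entries with host bits set so a typo cannot shift the blocked range."""
    return [str(ipaddress.ip_network(c, strict=True)) for c in cidrs]

def ip_set_block_rule(name, ip_set_arn, priority=0):
    """Rule entry in the shape used by the 'Rules' list of a WAFv2 web ACL."""
    return {
        "Name": name,
        "Priority": priority,  # evaluate before rules that could allow the request
        "Statement": {"IPSetReferenceStatement": {"ARN": ip_set_arn}},
        "Action": {"Block": {}},
        "VisibilityConfig": {
            "SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True,
            "MetricName": name,
        },
    }

def ip_set_decisions(client_ips, cidrs):
    """Simplified model of option A: block on membership, whatever the request volume."""
    nets = [ipaddress.ip_network(c) for c in normalize_cidrs(cidrs)]
    return ["BLOCK" if any(ipaddress.ip_address(ip) in n for n in nets) else "ALLOW"
            for ip in client_ips]

def rate_based_decisions(client_ips, limit):
    """Simplified model of option C: a source is blocked only after exceeding `limit`."""
    counts, decisions = {}, []
    for ip in client_ips:
        counts[ip] = counts.get(ip, 0) + 1
        decisions.append("BLOCK" if counts[ip] > limit else "ALLOW")
    return decisions

if __name__ == "__main__":
    print(ip_set_block_rule("block-scanner-range", IP_SET_ARN))
    print("IP set match:", ip_set_decisions(SAMPLE_CLIENT_IPS, OFFENDING_CIDRS))
    print("Rate-based  :", rate_based_decisions(SAMPLE_CLIENT_IPS, limit=100))
```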
dumma
3 years, 5 months ago
C is right
upvoted 2 times
...
1awssec
3 years, 5 months ago
A > https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-ipset-match.html
upvoted 3 times
...
Elva
3 years, 6 months ago
It's an A
upvoted 3 times
...
hk436
3 years, 6 months ago
A is my answer!
upvoted 3 times
...
santosar
3 years, 6 months ago
A - https://docs.aws.amazon.com/waf/latest/developerguide/waf-rules.html
upvoted 2 times
...
TollaMS
3 years, 6 months ago
A is the answer https://docs.aws.amazon.com/waf/latest/developerguide/web-acl.html
upvoted 2 times
...
hp_1980
3 years, 6 months ago
https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
upvoted 1 times
...
AWee
3 years, 6 months ago
C use a rate-based rule statement to create a threshold
upvoted 1 times
...
khin
3 years, 7 months ago
answer is A
upvoted 2 times
...