ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS-SysOps All Questions

View all questions & answers for the AWS-SysOps exam
Go to Exam

Exam AWS-SysOps topic 1 question 588 discussion

Exam question from Amazon's AWS-SysOps
Question #: 588
Topic #: 1
[All AWS-SysOps Questions]

Malicious traffic is reaching company web servers. A SysOps Administrator is tasked with blocking this traffic. The malicious traffic is distributed over many IP addresses and represents much higher traffic than is typically seen from legitimate users.
How should the Administrator protect the web servers?

  • A. Create a security group for the web servers and add deny rules for malicious sources.
  • B. Set the network access control list for the web servers' subnet and add deny entries.
  • C. Place web servers behind AWS WAF and establish the rate limit to create a blacklist.
  • D. Use Amazon CloudFront to cache all pages and remove the traffic from the web servers.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Reference:
https://aws.amazon.com/answers/networking/aws-ddos-attack-mitigation/
by saumenP at Oct. 31, 2019, 9:16 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
sen12
Highly Voted 2 years, 6 months ago
Also, the question says "The malicious traffic is distributed over many IP addresses", so not one IP address but multiple, so we cant use NACL to deny traffic. We need a dynamic service such as WAF.
upvoted 10 times
...
saumenP
Highly Voted 2 years, 7 months ago
WAF seems to be correct https://aws.amazon.com/blogs/aws/protect-web-sites-services-using-rate-based-rules-for-aws-waf/
upvoted 8 times
aksliveswithaws
2 years, 6 months ago
WAF choice is correct Answer Ref #1: https://aws.amazon.com/about-aws/whats-new/2017/06/aws-announces-rate-based-rules-for-aws-waf/ Answer Ref #2: https://aws.amazon.com/blogs/aws/protect-web-sites-services-using-rate-based-rules-for-aws-waf/
upvoted 1 times
...
...
albert_kuo
Most Recent 9 months, 4 weeks ago
Selected Answer: C
By configuring rate limiting rules in AWS WAF, the Administrator can detect and block excessive traffic from the malicious sources that exceed a specified threshold. This helps to mitigate distributed denial of service (DDoS) attacks and reduce the impact of high-volume traffic from illegitimate users.
upvoted 1 times
...
Pradhan
2 years, 6 months ago
'B' Seems to be correct as WAF works only with Application Load Balancer, API Gateway and Cloudfront. It is nowhere mentioned that the application is using any one for these 3 services.
upvoted 1 times
...
Kimle
2 years, 6 months ago
WAF seem to be a good answer , but only problem is that WAF is only compatible with ALB , API gateway and cloudfront , question didn't specify that load balancer is being used ..
upvoted 1 times
...
RicardoD
2 years, 6 months ago
C is the answer. This is exactly a use case for WAF
upvoted 1 times
...
HVarada
2 years, 6 months ago
Answer "C". WAF is the best way to protect a Website from malicious attacks.
upvoted 1 times
...
abhishek_m_86
2 years, 6 months ago
C. Place web servers behind AWS WAF and establish the rate limit to create a blacklist.
upvoted 2 times
...
jackdryan
2 years, 6 months ago
I'll go with C
upvoted 3 times
...
MFDOOM
2 years, 6 months ago
C. Place web servers behind AWS WAF and establish the rate limit to create a blacklist.
upvoted 2 times
...
sen12
2 years, 6 months ago
Place web servers behind AWS WAF and establish the rate limit to create a blacklist. 1) Add the Webservers behind the AWS WAF 2) Establish the rate limit of the IPs coming in and create a blacklist on the WAF side. It's a good question which highlights one of the usage and importance of AWS WAF in front of webservers, ELB, Cloudfronts...etc..
upvoted 2 times
...
karmaah
2 years, 7 months ago
They have clearly mentioned that Web Servers. AWS WAF rules use conditions to target specific requests and trigger an action, allowing you to identify and block common DDoS request patterns and effectively mitigate a DDoS attack.
upvoted 2 times
...
white_shadow
2 years, 7 months ago
Don't you need to put the websevers first behind an ELB, Cloudfront before you can use WAF? If it is only the webservers then maybe we have to choose A or D. Not sure why they didn't add Shield cause that's what you use with DDoS.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago