
Answer-first summary for fast verification
Answer: Associate an AWS WAF web ACL with the CloudFront distribution. Select the managed Amazon IP reputation rule group for the web ACL with a deny action.
1. Explanation for Answer B:
- AWS WAF (Web Application Firewall) is a service that protects web applications from various types of attacks, including SQL injection, cross-site scripting, and more. It also allows you to create custom rules based on the specific needs of your application.
- In this scenario, the company wants to restrict bots from accessing their website, particularly those that are originating from IPs with a bad reputation within the same global region. AWS WAF can be used to create a web ACL (Access Control List) that can be associated with the CloudFront distribution.
- The managed Amazon IP reputation rule group is a pre-defined rule set in AWS WAF that blocks IP addresses with a bad reputation. By selecting this rule group and setting the action to "deny," the company can effectively block the fake postings from the identified bad IPs.
- Therefore, associating an AWS WAF web ACL with the CloudFront distribution and selecting the managed Amazon IP reputation rule group with a deny action (option B) is the most appropriate strategy for this scenario.

2. Other options are incorrect for the following reasons:
- Option A suggests using AWS Firewall Manager, which is a service for managing security rules across multiple AWS accounts and resources. However, it does not provide the same level of control and customization as AWS WAF for this specific use case.
- Option C also suggests using AWS Firewall Manager with the managed Amazon IP reputation rule group. While Firewall Manager can be used to manage security settings for CloudFront, it does not provide the same level of control as AWS WAF for creating and managing web ACLs.
- Option D suggests creating a rule group with a geographical match statement. While this could potentially block requests from specific regions, it does not address the issue of blocking requests from IPs with a bad reputation within the same global region.
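The following is an added example, not part of the original explanation: a check that a web ACL really blocks on the IP reputation group instead of only counting matches. It assumes the input is the `WebACL` object returned by `aws wafv2 get-web-acl`, that the "deny" action above corresponds to WAF's Block action, and the sample documents and the `ip-reputation` rule name are constructed.

```python
# Audits a WAFv2 web ACL document for the Amazon IP reputation managed rule group.
IP_REPUTATION_GROUP = ("AWS", "AWSManagedRulesAmazonIpReputationList")


def audit_ip_reputation(web_acl):
    """Return a list of findings; an empty list means the group is present and blocking."""
    findings = []
    for rule in web_acl.get("Rules", []):
        group = rule.get("Statement", {}).get("ManagedRuleGroupStatement")
        if not group or (group.get("VendorName"), group.get("Name")) != IP_REPUTATION_GROUP:
            continue
        # OverrideAction Count turns every match in the group into count-only.
        if "Count" in rule.get("OverrideAction", {}):
            findings.append(f"{rule['Name']}: whole group overridden to Count")
        # Per-rule overrides (and the older ExcludedRules) can stop single rules from blocking.
        for override in group.get("RuleActionOverrides", []):
            if "Block" not in override.get("ActionToUse", {}):
                findings.append(f"{rule['Name']}: rule {override['Name']} no longer blocks")
        for excluded in group.get("ExcludedRules", []):
            findings.append(f"{rule['Name']}: rule {excluded['Name']} excluded (count only)")
        return findings
    return ["IP reputation managed rule group is not in the web ACL"]


def managed_rule(override_action, overrides=()):
    """Build a constructed sample rule entry (hypothetical helper for the samples below)."""
    return {
        "Name": "ip-reputation",
        "Priority": 0,
        "OverrideAction": override_action,
        "Statement": {"ManagedRuleGroupStatement": {
            "VendorName": "AWS",
            "Name": "AWSManagedRulesAmazonIpReputationList",
            "RuleActionOverrides": list(overrides),
        }},
    }


# Constructed sample documents, not taken from a real account.
BLOCKING_ACL = {"Name": "review-site", "Rules": [managed_rule({"None": {}})]}
COUNT_ONLY_ACL = {"Name": "review-site", "Rules": [managed_rule({"Count": {}})]}
PARTIAL_ACL = {"Name": "review-site", "Rules": [managed_rule(
    {"None": {}},
    [{"Name": "AWSManagedIPReputationList", "ActionToUse": {"Count": {}}}],
)]}
EMPTY_ACL = {"Name": "review-site", "Rules": []}

if __name__ == "__main__":
    for acl in (BLOCKING_ACL, COUNT_ONLY_ACL, PARTIAL_ACL, EMPTY_ACL):
        print(audit_ip_reputation(acl) or "ok: group present and blocking")
```

A managed rule group takes `OverrideAction` rather than `Action`, so `{"None": {}}` is the setting that leaves the group's own Block actions in force.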
Author: LeetQuiz Editorial Team
A company maintains a restaurant review website. The website is a single-page application where files are stored in Amazon S3 and delivered using Amazon CloudFront. The company receives several fake postings every day that are manually removed. The security team has identified that most of the fake posts are from bots with IP addresses that have a bad reputation within the same global region. The team needs to create a solution to help restrict the bots from accessing the website. Which strategy should a solutions architect use?
A. Use AWS Firewall Manager to control the CloudFront distribution security settings. Create a geographical block rule and associate it with Firewall Manager.
B. Associate an AWS WAF web ACL with the CloudFront distribution. Select the managed Amazon IP reputation rule group for the web ACL with a deny action.
C. Use AWS Firewall Manager to control the CloudFront distribution security settings. Select the managed Amazon IP reputation rule group and associate it with Firewall Manager with a deny action.
D. Associate an AWS WAF web ACL with the CloudFront distribution. Create a rule group for the web ACL with a geographical match statement with a deny action.