
Answer-first summary for fast verification
Answer: Establish a Regional AWS WAF web ACL with rate-based rules to protect the API Gateway stage.
The correct answer is B: "Establish a Regional AWS WAF web ACL with rate-based rules to protect the API Gateway stage." This solution provides a straightforward, automated way to mitigate HTTP flood attacks: the rate-based rules set rate limits that block excessive requests and prevent abuse. It integrates directly with API Gateway, which keeps operational overhead minimal.
Author: LeetQuiz Editorial Team
A financial company's web application on AWS uses an API Gateway Regional API for fetching stock prices. The security team is concerned about a surge in API requests that could indicate an HTTP flood attack, potentially disrupting the service. As a solutions architect, design a solution with minimal operational overhead to mitigate this risk.
A. Deploy an Amazon CloudFront distribution with a 24-hour TTL to cache responses from the API Gateway.
B. Establish a Regional AWS WAF web ACL with rate-based rules to protect the API Gateway stage.
C. Leverage Amazon CloudWatch to track the API request count and trigger alerts for the security team at threshold breaches.
D. Integrate Lambda@Edge with Amazon CloudFront to execute a Lambda function that identifies and blocks high-rate IP addresses targeting the API Gateway.