Answer-first summary for fast verification
Answer: Deploy an AWS WAF rule to identify and mitigate malicious traffic., Transform the public API into a private one, with DNS updates to guide users to the updated endpoint.
To protect a publicly accessible API from unauthorized requests, implementing AWS WAF rules can help identify and mitigate malicious traffic (Option C). Additionally, converting the public API to a private one and updating DNS records to direct users to a new endpoint ensures a more controlled access environment (Option D). These steps offer a robust defense against fraudulent requests by leveraging AWS's security features and access controls.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A company's serverless application, utilizing Amazon API Gateway and AWS Lambda, has experienced a surge in traffic due to botnet-induced fraudulent requests. What measures should a solutions architect implement to mitigate unauthorized access? (Select two strategies.)
A
Establish a usage plan with a restricted API key for authorized users.
B
Embed logic in the Lambda function to disregard requests originating from identified fraudulent IP addresses.
C
Deploy an AWS WAF rule to identify and mitigate malicious traffic.
D
Transform the public API into a private one, with DNS updates to guide users to the updated endpoint.
E
Assign unique IAM roles to users for API access, requiring role assumption during each API call.
No comments yet.