A company's serverless application, utilizing Amazon API Gateway and AWS Lambda, has experienced a surge in traffic due to botnet-induced fraudulent requests. What measures should a solutions architect implement to mitigate unauthorized access? (Select two strategies.)

Exam-Like

Establish a usage plan with a restricted API key for authorized users.

16.7%

Embed logic in the Lambda function to disregard requests originating from identified fraudulent IP addresses.

0.0%

Deploy an AWS WAF rule to identify and mitigate malicious traffic.

50.0%

Transform the public API into a private one, with DNS updates to guide users to the updated endpoint.

16.7%

Assign unique IAM roles to users for API access, requiring role assumption during each API call.

16.7%

AWS Certified Solutions Architect - Associate