
Answer-first summary for fast verification
Answer: Modify the AWS WAF web ACL with an IP set match rule statement to deny incoming requests from the IP address range.
The correct answer is A. Modifying the AWS WAF web ACL with an IP set match rule statement to deny incoming requests from the specified IP address range is the most effective solution. It blocks traffic from the identified malicious IP addresses at the web application firewall level, which is suitable and efficient for the task. Option B is incorrect because security groups in AWS cannot explicitly deny traffic; they can only allow it. Option C is not suitable because rate-based rules in AWS WAF are used to limit the rate of requests, not to block specific IP ranges directly. Option D is also not appropriate because regex match conditions are generally used for string pattern matching within the request, not for IP address blocking.
Author: LeetQuiz Editorial Team
In an AWS environment, a company is managing multiple applications within a single VPC. These applications are accessible via an Application Load Balancer associated with an AWS WAF web ACL. The security team has detected numerous port scans originating from a specific range of IP addresses on the internet. To enhance security, a security engineer is tasked with blocking these malicious IP addresses. Which of the following solutions would effectively address this security concern?
A. Modify the AWS WAF web ACL with an IP set match rule statement to deny incoming requests from the IP address range.
B. Add a rule to all security groups to deny the incoming requests from the IP address range.
C. Modify the AWS WAF web ACL with a rate-based rule statement to deny the incoming requests from the IP address range.
D. Configure the AWS WAF web ACL with regex match conditions. Specify a pattern set to deny the incoming requests based on the match condition.