AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company notices suspicious network activity against an application that is running on a fleet of Amazon EC2 instances. The suspicious activity is coming from a single IP address. Which AWS service should the company use to block access from this IP address?
Real Exam
Community
RRitesh
A
AWS Shield
B
AWS Config
C
Amazon GuardDuty
D
AWS WAF
Explanation:
Explanation
While AWS WAF is primarily designed for web application layer protection, it is the most appropriate choice among the given options for blocking access from a specific IP address in this scenario.
Analysis of Options:
-
AWS Shield: Provides DDoS protection but is not designed for blocking specific IP addresses
-
AWS Config: Used for auditing and compliance monitoring of AWS resource configurations
-
Amazon GuardDuty: A threat detection service that identifies suspicious activity but does not actively block traffic
-
AWS WAF: A web application firewall that can block traffic based on IP addresses, geographic locations, and other criteria
Why AWS WAF is Correct:
-
IP-based blocking capability: AWS WAF allows you to create rules to block requests from specific IP addresses
-
Application layer protection: Since the question mentions "application" running on EC2 instances, AWS WAF is suitable for protecting web applications
-
Integration with web-facing services: AWS WAF can be deployed with Application Load Balancer, CloudFront, or API Gateway to filter web traffic
Important Note:
In real-world scenarios, the most direct solution would be to modify Security Groups or Network ACLs to block the IP address at the network level. However, since these are not among the options provided, AWS WAF is the best available choice for application-level IP blocking in a certification context.
Comments
Loading comments...