Answer-first summary for fast verification
Answer: AWS WAF
## Explanation AWS WAF (Web Application Firewall) is the correct service for this requirement because: - **AWS WAF** is specifically designed to protect web applications from common web exploits by allowing you to create custom rules to filter and control incoming web traffic - It can be deployed on Amazon CloudFront, Application Load Balancer (ALB), or API Gateway to protect web applications running on EC2 instances - **Amazon GuardDuty** is a threat detection service that continuously monitors for malicious activity and unauthorized behavior, but it doesn't provide custom filtering capabilities - **Amazon Macie** is a data security service that uses machine learning to discover and protect sensitive data, not for web traffic filtering - **AWS Shield** is a managed DDoS protection service that provides automatic protection against DDoS attacks, but doesn't offer custom rule-based filtering AWS WAF allows you to create custom rules to block specific IP addresses, SQL injection patterns, cross-site scripting (XSS) attacks, and other web exploits, making it ideal for implementing custom conditions to filter inbound web traffic.
Author: Ritesh Yadav
Ultimate access to all questions.
A company is hosting a web application on Amazon EC2 instances. The company wants to implement custom conditions to filter and control inbound web traffic. Which AWS service will meet these requirements?
A
Amazon GuardDuty
B
AWS WAF
C
Amazon Macie
D
AWS Shield
No comments yet.