Home › AWS SysOps Associate › cloudcomputing › sysopssecuritynetwork › An application backed by an ALB receives an unus…
An application backed by an ALB receives an unusually high number of 4xx errors from a few IP ranges. Which approach BEST blocks them at the edge before traffic reaches the ALB?
ADisabling the ALB temporarily
BManually adding security-group ingress denies (security groups have no explicit deny)
CAWS WAF web ACL with an IP-set rule and rate-based rules in front of the ALB
DMigrating to AWS Snowball
Answer & Solution
Correct answer: C. AWS WAF web ACL with an IP-set rule and rate-based rules in front of the ALB
WAF supports IP sets and rate-based rules and sits in front of ALB / CloudFront / API Gateway. Security groups don't have deny rules. Disabling the ALB takes down service; Snowball is offline transfer.
Related questions
Which managed AWS service centralises and accelerates cross-Region private traffic betweenWhich Route 53 feature distributes requests to multiple endpoints proportionally based on Which AWS service allows centrally rotating keys, audit-logging key usage, and enforcing kAn EC2 instance in a private subnet needs outbound HTTPS to api.example.com but no inboundWhich AWS service tests an IAM policy against a hypothetical request and explains which stWhich managed service lets you privately connect a VPC to an AWS service (e.g. S3, DynamoDWhich networking object inside a VPC is STATELESS (return traffic doesn't auto-allow) and Which AWS feature provides DDoS protection at L3/L4 for all AWS customers by default, with