SAP-C02 · Question #37
SAP-C02 Question #37: Real Exam Question with Answer & Explanation
The correct answer is B: Associate an AWS WAF web ACL with the CloudFront distribution. Select the managed Amazon. IP reputation rule groups allow you to block requests based on their source. Choose one or more of these rule groups if you want to reduce your exposure to BOTS!!!! traffic or exploitation attempts The Amazon IP reputation list rule group contains rules that are based on Amazon i
Question
A company maintains a restaurant review website. The website is a single-page application where files are stored in Amazon S3 and delivered using Amazon CloudFront. The company receives several fake postings every day that are manually removed. The security team has identified that most of the fake posts are from bots with IP addresses that have a bad reputation within the same global region. The team needs to create a solution to help restrict the bots from accessing the website. Which strategy should a solutions architect use?
Options
- AUse AWS Firewall Manager to control the CloudFront distribution security settings. Create a
- BAssociate an AWS WAF web ACL with the CloudFront distribution. Select the managed Amazon
- CUse AWS Firewall Manager to control the CloudFront distribution security settings. Select the
- DAssociate an AWS WAF web ACL with the CloudFront distribution. Create a rule group for the
Explanation
IP reputation rule groups allow you to block requests based on their source. Choose one or more of these rule groups if you want to reduce your exposure to BOTS!!!! traffic or exploitation attempts The Amazon IP reputation list rule group contains rules that are based on Amazon internal threat intelligence. This is useful if you would like to block IP addresses typically associated with bots or other threats. Inspects for a list of IP addresses that have been identified as bots by Amazon threat intelligence.
Community Discussion
No community discussion yet for this question.