SCS-C03 · Question #115
SCS-C03 Question #115: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C03 to reveal the answer and full explanation for question #115. The question stem and answer options stay visible for context.
Question
A security engineer for a company is investigating suspicious traffic on a web application in the AWS Cloud. The web application is protected by an Application Load Balancer (ALB) behind an Amazon CloudFront distribution. There is an AWS WAF web ACL associated with the ALB. The company stores AWS WAF logs in an Amazon S3 bucket. The engineer notices that all incoming requests in the AWS WAF logs originate from a small number of IP addresses that correspond to CloudFront edge locations. The security engineer must identify the source IP addresses of the clients that are initiating the suspicious requests. Which solution will meet this requirement?
Options
- AEnable VPC Flow Logs in the VPC where the ALB is deployed. Examine the source field to
- BInspect the X-Forwarded-For header in the AWS WAF logs to determine the original client IP
- CModify the CloudFront distribution to disable ALB connection reuse. Examine the clientIp field in
- DConfigure CloudFront to add a custom header named Client-IP to origin requests that are sent to
Unlock SCS-C03 to see the answer
You've previewed enough free SCS-C03 questions. Unlock SCS-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.