Amazon Exam ANS-C00 Topic 9 Question 42 Discussion

Actual exam question for Amazon's ANS-C00 exam

Question #: 42
Topic #: 9

A company's web application is deployed on Amazon EC2 instances behind a public Application Load Balancer. The application flags malicious requests and uses an AWS Lambda function to add the offending IP addresses to the network ACL to block any further request for 24 hours. Recently, the application has been receiving more malicious requests, which causes the network ACL to reach its limit of allowed entries.

Which action should be taken to block more IP addresses, without compromising the existing security requirements?

AUpdate the AWS Lambda function to remove blocked entries from the network ACL after 2 hours.

BUpdate the AWS Lambda function to block malicious IPs in security groups rather than the network ACL.

CUpdate the AWS Lambda function to block malicious IPs in AWS WAF attached to the Application Load Balancer.

DUpdate the AWS Lambda function to add an additional network ACL to the subnets once the limit for the previous ones has been reached.

Show Suggested Answer

Suggested Answer: C

by Glen at May 04, 2022, 02:43 PM

Limited Time Offer

25%

Off

Get Premium ANS-C00 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!