List of questions
Related questions
Question 105 - SCS-C02 discussion
A company is hosting multiple applications within a single VPC in its IAM account. The applications are running behind an Application Load Balancer that is associated with an IAM WAF web ACL. The company's security team has identified that multiple port scans are originating from a specific range of IP addresses on the internet.
A security engineer needs to deny access from the offending IP addresses.
Which solution will meet these requirements?
A.
Modify the IAM WAF web ACL with an IP set match rule statement to deny incoming requests from the IP address range.
B.
Add a rule to all security groups to deny the incoming requests from the IP address range.
C.
Modify the IAM WAF web ACL with a rate-based rule statement to deny the incoming requests from the IP address range.
D.
Configure the IAM WAF web ACL with regex match conditions. Specify a pattern set to deny the incoming requests based on the match condition
Your answer:
0 comments
Sorted by
Leave a comment first