A company is using AWS WAF to protect their web application. They are noticing a high volume of requests from malicious IP addresses that are constantly changing. They want to automatically block IP addresses that exhibit anomalous behavior, such as scanning for vulnerabilities. Which AWS WAF feature should they use?

Answer options:

Create a custom Lambda function to parse CloudFront logs and update WAF IP sets.

AWS WAF Bot Control and Managed Rules for IP Reputation.

AWS Shield Standard.

Amazon GuardDuty.

How to approach this question

Leverage AWS Managed Rules for WAF.

Full Answer

B.AWS WAF Bot Control and Managed Rules for IP Reputation.✓ Correct

AWS WAF Managed Rules provide pre-configured rule sets maintained by AWS, including IP reputation lists (blocking known bad actors) and Bot Control (blocking anomalous scanning behavior).

Common mistakes

Building custom log parsers instead of using Managed Rules.

Question 58 All questions Question 60

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 2

75 questions · hints · full answers · grading

More questions from this exam

Q01A company is setting up a multi-account AWS environment using AWS Organizations. They need to ens...Easy Q02An enterprise needs to connect its on-premises data center to AWS. They require a dedicated, priv...Easy Q03A company wants to share a single AWS Transit Gateway across multiple AWS accounts within their A...Easy Q04An architect needs to design a highly available database architecture that spans multiple AWS Reg...Easy Q05A global financial institution is migrating its core banking application to AWS. The application ...Medium

View all 75 questions →