A company's web application is deployed on Amazon EC2 instances behind a public Application Load Balancer. The application flags malicious requests and uses an AWS Lambda function to add the offending IP addresses to the network ACL to block any further request for 24 hours. Recently, the application has been receiving more malicious requests, which causes the network ACL to reach its limit of allowed entries. Which action should be taken to block more IP addresses, without compromising the existing security requirements?
A) Update the AWS Lambda function to remove blocked entries from the network ACL after 2 hours.
B) Update the AWS Lambda function to block malicious IPs in security groups rather than the network ACL.
C) Update the AWS Lambda function to block malicious IPs in AWS WAF attached to the Application Load Balancer.
D) Update the AWS Lambda function to add an additional network ACL to the subnets once the limit for the previous ones has been reached.
Correct Answer:
Verified
Q55: A company is connecting to a VPC
Q56: A network architect is designing an internet
Q57: An architecture is being designed to support
Q58: A company deployed its production Amazon VPC
Q59: Changes made to a security group attached
Q61: Your hybrid networking environment consists of two
Q62: You need to set up an Amazon
Q63: Your organization's corporate website must be available
Q64: You currently use a single security group
Q65: The Web Application Development team is worried
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents