Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Solutions Architect Associate Practice exam 1 Q30 answer

  • Practice exam 1 Q30 answer

     CP9 updated 3 months, 1 week ago 2 Members · 3 Posts
    AWS Certified Solutions Architect Associate

  • CP9

    Member
    January 19, 2024 at 2:04 pm

    Hi, I would like to be clarified about the answer of the Practice exam 1 Q30.
    The answer is “    Create a rate-based rule in AWS WAF and associate the web ACL to an Application Load Balancer”. From my understanding, the rate-based rule is suitable for controlling the request rate from a single IP address or a limited set of IP addresses. However, the question mentioned that the illegitimate requests are “from multiple systems with IP addresses that constantly change”. So I wonder if the answer actually satisfy the question’s requirement? Thanks.

    Screenshot 2024-01-19 185801

  • Carlo-TutorialsDojo

    Administrator
    January 19, 2024 at 6:07 pm

    Hello CP9,

    Setting an IP address to whitelist/blacklist in AWS WAF is optional. You can set and combine conditions other than IP matching, such as inspecting for a specific header value, query parameters, body, method, etc, in a request. Matching requests will count towards the rate-limit threshold that you configure. For example, in a typical DDoS attack it’s quite common for requests to exhibit similar access patterns. In such cases, AWS WAF can effectively block them even without knowing the specific IP addresses.

    Let me know if this helps.

    Regards,
    Carlo @ Tutorials Dojo

  • CP9

    Member
    January 20, 2024 at 8:09 am

    Hi Carlo,

    Thank you for the clarification. It helped answer my question clearly 🙂

Viewing 1 - 3 of 3 replies

Log in to reply.

Original Post
0 of 0 posts June 2018
Now