Home › Forums › AWS › AWS Certified Solutions Architect Associate › Practice exam 1 Q30 answer › Reply To: Practice exam 1 Q30 answer
-
Hello CP9,
Setting an IP address to whitelist/blacklist in AWS WAF is optional. You can set and combine conditions other than IP matching, such as inspecting for a specific header value, query parameters, body, method, etc, in a request. Matching requests will count towards the rate-limit threshold that you configure. For example, in a typical DDoS attack it’s quite common for requests to exhibit similar access patterns. In such cases, AWS WAF can effectively block them even without knowing the specific IP addresses.
Let me know if this helps.
Regards,
Carlo @ Tutorials Dojo