1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Associate
  5. SAA-C03 Discussions
  6. SAA-C03 Exam Topic 3 Question 25 Discussion

Amazon Web Services AWS Certified Solutions Architect - Associate (SAA-C03) SAA-C03 Question # 25 Topic 3 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Amazon Web Services AWS Certified Solutions Architect - Associate (SAA-C03) SAA-C03 Question # 25 Topic 3 Discussion

SAA-C03 Exam Topic 3 Question 25 Discussion:
Question #: 25
Topic #: 3

A developer creates a web application that runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances are in an Auto Scaling group. The developer reviews the deployment and notices some suspicious traffic to the application. The traffic is malicious and is coming from a single public IP address. A solutions architect must block the public IP address.

Which solution will meet this requirement?
A.

Create a security group rule to deny all inbound traffic from the suspicious IP address. Associate the security group with the ALB.

B.

Implement Amazon Detective to monitor traffic and to block malicious activity from the internet. Configure Detective to integrate with the ALB.

C.

Implement AWS Resource Access Manager (AWS RAM) to manage traffic rules and to block malicious activity from the internet. Associate AWS RAM with the ALB.

D.

Add the malicious IP address to an IP set in AWS WAF. Create a web ACL. Include an IP set rule with the action set to BLOCK. Associate the web ACL with the ALB.

Get Premium SAA-C03 Questions
Actual exam question for Amazon Web Services SAA-C03 exam by Axel38270 at Oct 9, 2025, 1:42:41 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next