AWS Certified Security – Specialty (SCS-C02) — Question 233

A company has a new web-based account management system for an online game. Players create a unique username and password to log in to the system.

The company has implemented an AWS WAF web ACL for the system. The web ACL includes the core rule set (CRS) AWS managed rule group on the Application Load Balancer that serves the system.

The company’s security team finds that the system was the target of a credential stuffing attack. Credentials that were exposed in other breaches were used to try to log in to the system.

The security team must implement a solution to reduce the chance of a successful credential stuffing attack in the future. The solution also must minimize impact on legitimate users of the system.

Which combination of actions will meet these requirements? (Choose two.)

Answer options

Correct answer: B, E

Explanation

Option B is correct because adding the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group lets the web ACL inspect login requests and identify and block attempts that use credentials known to be compromised, which directly reduces the risk of credential stuffing. Option E complements this by giving affected users a secure way to reset their passwords so they can regain access safely. Options A, C, and D do not address the root issue of compromised credentials and could unnecessarily inconvenience legitimate users.