AWS Certified Security – Specialty — Question 227

A security engineer has noticed an unusually high amount of traffic coming from a single IP address. This was discovered by analyzing the Application Load
Balancer's access logs.
How can the security engineer limit the number of requests from a specific IP address without blocking the IP address?

Answer options

• A. Add a rule to the Application Load Balancer to route the traffic originating from the IP address in question and show a static webpage.
• B. Implement a rate-based rule with AWS WAF.
• C. Use AWS Shield to limit the originating traffic hit rate.
• D. Implement the GeoLocation feature in Amazon Route 53.

Correct answer: B

Explanation

The correct answer is B, as implementing a rate-based rule with AWS WAF allows the security engineer to limit the number of requests from a specific IP address without blocking it entirely. Option A would redirect traffic but not control the request rate, while C focuses on DDoS protection rather than request limiting. Option D is irrelevant in this context as it does not address request volume from a specific IP.