AWS Certified SysOps Administrator – Associate (legacy) — Question 509

A SysOps Administrator at an ecommerce company discovers that several 404 errors are being sent to one IP address every minute. The Administrator suspects a bot is collecting information about products listed on the company's website.
Which service should be used to block this suspected malicious activity?

Answer options

• A. AWS CloudTrail
• B. Amazon Inspector
• C. AWS Shield Standard
• D. AWS WAF

Correct answer: D

Explanation

AWS WAF (Web Application Firewall) allows you to define custom rules to block web requests from specific IP addresses, making it the ideal service to prevent bot scraping. AWS CloudTrail is an auditing and compliance service, while Amazon Inspector is used for security vulnerability scanning rather than traffic blocking. AWS Shield Standard provides automatic protection against common DDoS attacks but lacks the granular IP-blocking capabilities needed to target specific bot behaviors.