A company has set up a set of EC2 Instances behind an Application Load Balancer. There seems to be a barrage of requests from a series of URLs. You need to have these URLs blacklisted. How can you achieve this in an ongoing manner?

Answer options:

A.Deny the URLs via the Security Groups for the Instance.
B.Deny the URLs via the NACLs for the subnet.
C.Put a WAF in front of the Application Load Balancer.
D.Use AWS VPC Flow logs to prevent attacks from the URLs.

Answer – C
Options A and B are incorrect since these can be used to blacklist IPs.
Option D is incorrect since this cannot be used to prevent attacks from the Internet.
The AWS Documentation mentions the following.
AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over traffic to allow or block your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules.
For more information on the AWS WAF, please refer to the below URL
https://aws.amazon.com/waf/