An IT firm is using AWS WAF in front of Amazon API Gateway. Recently the operations team has observed malicious traffic hitting API Gateway and has created an updated AWS WAF ACL to prevent this traffic from impacting API Gateway. As a Sysops administrator, you are assigned to test the Web ACL before applying to API Gateway in the production environment.
Which is the correct action to test the web ACL rules without any impact on production traffic?

Answer options:

A.Configure all rules in a rules group to count the request and set default action as allow.
B.Configure all rules in a web ACL to count the request and set default action as allow.
C.Configure all rules in a web ACL to count the request and set default action as a block.
D.Configure all rules in a rules group to count the request and set default action as a block.

Correct Answer: B
For testing new Web ACLs in AWS WAF to avoid an impact on the production network, the following configurations can be done.
Configure all the rules in a web ACL to count web requests.
Set the default action for the web ACL to allow requests.
Option A is incorrect as rules should be part of web ACL and not part of the rules group.
Option C is incorrect as default action should be kept as allow and not block; it will deny all legitimate traffic within the production environment.
Option D is incorrect as rules should be part of web ACL and not part of the rules group.
For more information on testing web ACLs with AWS WAF, refer to the following URL,
https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html