🔥 3-day streak
AWS Certified Advanced Networking - Specialty118 / 141
Question 118 of 141

A network operations team wants to automatically respond to security-relevant traffic patterns detected in VPC Flow Logs. Flow logs are delivered to a CloudWatch Logs log group. When a source IP generates more than 100 REJECT records against a specific set of hosts within a 5-minute window, the team wants an automated workflow to add the offending IP to a network ACL deny entry without any manual intervention. Which approach implements this with the least operational overhead?

Reviewed for accuracy · Report an issueNext question