🔥 3-day streak
AWS Certified Advanced Networking - Specialty140 / 141
Question 140 of 141
A retail company runs a public API behind an Application Load Balancer. During flash sales, a small number of client IP addresses generate bursts of legitimate-looking HTTP GET requests that overwhelm backend targets, causing 5xx errors for all users. Standard signature-based rules do not match the requests because they are well-formed. The security team wants an AWS-native, managed control that automatically blocks individual source IPs that exceed a request threshold over a rolling time window, while leaving other clients unaffected. Which solution best meets this requirement?
Reviewed for accuracy · Report an issueNext question