🔥 3-day streak
AWS Certified Security - Specialty182 / 184
Question 182 of 184
A company hosts a public web application behind Amazon CloudFront with an Application Load Balancer origin. During a recent event, attackers sent a high volume of legitimate-looking HTTP GET requests from thousands of distinct IP addresses, overwhelming the origin servers. The requests passed TLS validation and did not match any obvious malicious signatures. The security team needs to mitigate this type of HTTP flood with minimal impact on real users and no application code changes. Which solution best addresses this requirement?
Reviewed for accuracy · Report an issueNext question