🔥 3-day streak
AWS Certified Security - Specialty184 / 184
Question 184 of 184
A company runs a public web application behind an Application Load Balancer (ALB) in the us-east-1 Region. The security team wants to protect the application from common exploits using AWS WAF and needs the Web ACL to inspect requests before they reach the backend targets. During implementation, the engineer creates a Web ACL in the CloudFront (Global) scope but cannot associate it with the ALB. What is the correct approach to protect the ALB with AWS WAF?
Reviewed for accuracy · Report an issue