🔥 3-day streak
AWS Certified Security - Specialty155 / 157
Question 155 of 157
A company protects its public API behind an Application Load Balancer using an AWS WAF web ACL. The web ACL contains three rules evaluated in this priority order: (1) an AWS Managed Rules Common Rule Set in Block action, (2) a rate-based rule limiting requests to 2,000 per 5 minutes with Block action, and (3) an IP set rule that Allows traffic from the company's trusted partner CIDR ranges. The security team reports that legitimate high-volume automated traffic from a trusted partner is being blocked during peak periods. The team wants trusted partner traffic to bypass the rate-based throttling while still enforcing the rate limit for everyone else. What change best achieves this?
Reviewed for accuracy · Report an issueNext question