A sysops administrator observes a large number of rogue HTTP requests on an Application Load Balancer. The requests originate from various IP addresses. These requests cause increased server load and costs.
What should the administrator do to block this traffic?
- Install Amazon Inspector on Amazon EC2 instances to block the traffic.
- Use Amazon GuardDuty to protect the web servers from bots and scrapers.
- Use AWS Lambda to analyze the web server logs, detect bot traffic, and block the IP addresses in thesecurity groups.
- Use an AWS WAF rate-based rule to block the traffic when it exceeds a threshold.
AWS WAF has rules that can protect web applications from HTTP flood [1] attacks.
[1] https://docs.aws.amazon.com/solutions/latest/aws-waf-security-automations/capabilities.html