Skip to Content

ANS-C01: How to Use Web Application Firewall (WAF) on AWS

By: Author Alex Lim

Posted on  - Last updated:

Categories Amazon, Exam

Learn how to configure WAF on AWS resources such as Application Load Balancer and CloudFront.

Table of Contents

Question

Which AWS resources can be configured with a Web Application Firewall? (Choose two.)

A. S3
B. DynamoDB
C. Application Load Balancer
D. CloudFront

Answer

C. Application Load Balancer
D. CloudFront

Explanation

The correct answer is C and D. Application Load Balancer and CloudFront. This is because Web Application Firewall (WAF) is a service that helps protect web applications from common web exploits that could affect availability, security, or consume excessive resources.

WAF can be applied to the following AWS resources:

  • Application Load Balancer: This is a load balancer that distributes incoming traffic across multiple targets in multiple Availability Zones based on the content of the request. WAF can be associated with an Application Load Balancer to filter the traffic before it reaches the targets.
  • CloudFront: This is a content delivery network (CDN) that speeds up the delivery of web content by caching it at edge locations closer to the users. WAF can be associated with a CloudFront distribution to filter the traffic before it reaches the origin servers.

The other options are not correct because:

  • A. S3: This is a storage service that provides object storage for web-scale applications. WAF cannot be applied to S3 buckets directly, but it can be used to protect S3 buckets that are used as origins for CloudFront distributions.
  • B. DynamoDB: This is a NoSQL database service that provides fast and consistent performance for web-scale applications. WAF cannot be applied to DynamoDB tables directly, but it can be used to protect DynamoDB tables that are accessed by web applications through Application Load Balancers or API Gateways.

The latest AWS Certified Advanced Networking – Specialty ANS-C01 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Advanced Networking – Specialty ANS-C01 exam and earn AWS Certified Advanced Networking – Specialty ANS-C01 certification.