A company runs a public serverless application using Amazon API Gateway and AWS Lambda. Traffic recently spiked because of fraudulent botnet requests. Which steps should a solutions architect take to block requests from unauthorized users? (Choose two.)
Choose an answer
Tap an option to check your answer.
Correct answer: Create a usage plan with an API key that is shared only with genuine users., Implement an AWS WAF rule to target malicious requests and take actions to filter them out..
Why this is the answer
To block unauthorized users and botnet requests, a solutions architect should implement an AWS WAF rule. AWS WAF (Web Application Firewall) allows you to define rules based on IP addresses, HTTP headers, HTTP body, or URI strings to filter out malicious traffic before it reaches your API Gateway or Lambda function. This effectively targets and blocks botnet requests. Additionally, creating a usage plan with an API key shared only with genuine users provides an authentication layer. Only requests presenting a valid API key will be processed, effectively blocking
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed