A company’s web application runs on Amazon EC2 instances behind an Application Load Balancer. The company’s policy now requires that the application be accessible from only one specific country. Which configuration will enforce this requirement?
Choose an answer
Tap an option to check your answer.
Correct answer: Configure AWS WAF on the Application Load Balancer in a VPC..
Why this is the answer
Configuring AWS WAF (Web Application Firewall) on the Application Load Balancer allows you to create geo-restriction rules. These rules can block or allow requests based on the country of origin, directly addressing the requirement to restrict access to a specific country. Security groups and network ACLs operate at the IP address level and do not inherently provide country-based filtering. While you could manually block IP ranges, this is impractical and constantly changing, unlike WAF's built-in geo-restriction capabilities.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed