The question states "Which of the following would you use to block inbound network traffic from a known IP address range from reaching your VPC subnet?" The answers have WAF and NACL. According to the WAF FAQ it states you can block by IP addresses, so couldn’t it be both? NACL and WAF
WAF is not used to block access to a subnet, but to an application hosted in API GW, ALB, etc. Even if you block an IP using WAF, it can still reach the subnet if the protocol used is not HTTP/S.
Agree. Question should state: "Which of the following would you use to block ALL inbound network traffic from a known IP address range from reaching your VPC subnet?"
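The distinction drawn in this thread, as an added example that is not part of the original posts: a small Python model of how a network ACL evaluates an inbound packet (lowest rule number first, first match wins, implicit deny at the end) next to a WAF IP-set rule that only ever sees HTTP(S) requests. The function names, rule numbers and the 203.0.113.0/24 range are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

BAD_RANGE = "203.0.113.0/24"  # constructed sample range (documentation prefix)

@dataclass(frozen=True)
class NaclRule:
    number: int                       # evaluated in ascending order
    protocol: str                     # "tcp", "udp", "icmp", or "-1" for all
    cidr: str
    action: str                       # "allow" or "deny"
    port_range: tuple = (0, 65535)    # only meaningful for tcp/udp

def nacl_inbound(rules, src_ip, protocol, dst_port):
    """Evaluate a packet the way a network ACL does: first matching rule wins."""
    src = ipaddress.ip_address(src_ip)
    for rule in sorted(rules, key=lambda r: r.number):
        if src not in ipaddress.ip_network(rule.cidr):
            continue
        if rule.protocol not in ("-1", protocol):
            continue
        lo, hi = rule.port_range
        if rule.protocol in ("tcp", "udp") and not lo <= dst_port <= hi:
            continue
        return rule.action
    return "deny"                     # implicit final "*" rule

def waf_ip_block(blocked_cidrs, src_ip, is_http_request):
    """A WAF IP-set rule inspects only HTTP(S) requests to its attached resource."""
    if not is_http_request:
        return "not inspected"        # e.g. SSH to an instance in the same subnet
    src = ipaddress.ip_address(src_ip)
    if any(src in ipaddress.ip_network(c) for c in blocked_cidrs):
        return "block"
    return "allow"

# Deny rule numbered below the broad allow: the range is blocked on every protocol.
GOOD = [NaclRule(90, "-1", BAD_RANGE, "deny"),
        NaclRule(100, "-1", "0.0.0.0/0", "allow")]

# Same rules, but the deny is numbered after the allow and is never reached.
MISORDERED = [NaclRule(100, "-1", "0.0.0.0/0", "allow"),
              NaclRule(110, "-1", BAD_RANGE, "deny")]

if __name__ == "__main__":
    print("NACL, SSH from bad range:      ", nacl_inbound(GOOD, "203.0.113.7", "tcp", 22))
    print("Misordered NACL, same packet:  ", nacl_inbound(MISORDERED, "203.0.113.7", "tcp", 22))
    print("WAF, SSH from bad range:       ", waf_ip_block([BAD_RANGE], "203.0.113.7", False))
    print("WAF, HTTPS from bad range:     ", waf_ip_block([BAD_RANGE], "203.0.113.7", True))
```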