AWS Load Balancer Security and Mitigation for Malformed HTTP Requests

Question

A company has a web application hosted on an EC2 Instance behind an AWS load balancer.

The application has become a recent target for attacks from the Internet.

The attacks are making use of malformed HTTP requests.

Which of the following services can help mitigate this attack?

Answers

Explanations

A. B. C. D.

Correct Answer: D.

The AWS Documentation mentions the following.

AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.

AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules.

You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules designed for your specific application.

Option A is incorrect since the Load balancer service is only used to distribute traffic.

Option B is incorrect since this service is used to scale the architecture.

Option C is incorrect since this feature cannot be used to block application level attacks.

For more information on AWS WAF, refer to the following URL:

https://aws.amazon.com/waf/

The service that can help mitigate the attack described in the scenario is AWS WAF (Web Application Firewall).

AWS WAF is a security service that helps protect web applications from common web exploits such as SQL injection attacks, cross-site scripting (XSS) attacks, and more. It allows you to create custom rules to block or allow traffic to your web application based on the specific characteristics of the request, such as the IP address of the requester, the content of the request, or the geographic location of the requester.

In the given scenario, the web application is being targeted by malformed HTTP requests, which are a common form of web exploit. By using AWS WAF, you can create custom rules to block any malformed requests from reaching the EC2 instance behind the load balancer. This will help to protect the application from these attacks.
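As an added illustration (not part of the original question or the AWS documentation), the following Python sketch builds WAFv2 rules of the kind described above and attaches the web ACL to the load balancer. What counts as "malformed" here (an unexpected HTTP method, an oversized URI path) and all rule names and limits are assumptions chosen for the example.

```python
# Added example. ALLOWED_METHODS, MAX_URI_BYTES and all rule/metric names are
# assumptions for illustration; tune them to what the application really serves.
ALLOWED_METHODS = ["GET", "HEAD", "POST"]
MAX_URI_BYTES = 2048
NO_TRANSFORM = [{"Priority": 0, "Type": "NONE"}]

def _visibility(metric):
    # Every WAFv2 rule and web ACL needs a VisibilityConfig block.
    return {"SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True,
            "MetricName": metric}

def _method_is(method):
    # Matches requests whose HTTP method is exactly `method`.
    return {"ByteMatchStatement": {
        "SearchString": method.encode(),
        "FieldToMatch": {"Method": {}},
        "TextTransformations": NO_TRANSFORM,
        "PositionalConstraint": "EXACTLY"}}

def build_rules():
    """Rules for a REGIONAL web ACL (the scope used with a load balancer)."""
    return [
        # Block when the method is NOT one of the allowed methods.
        {"Name": "block-unexpected-method", "Priority": 0,
         "Statement": {"NotStatement": {"Statement": {"OrStatement": {
             "Statements": [_method_is(m) for m in ALLOWED_METHODS]}}}},
         "Action": {"Block": {}},
         "VisibilityConfig": _visibility("blockUnexpectedMethod")},
        # Block URI paths longer than the application ever uses.
        {"Name": "block-oversized-uri", "Priority": 1,
         "Statement": {"SizeConstraintStatement": {
             "FieldToMatch": {"UriPath": {}},
             "ComparisonOperator": "GT", "Size": MAX_URI_BYTES,
             "TextTransformations": NO_TRANSFORM}},
         "Action": {"Block": {}},
         "VisibilityConfig": _visibility("blockOversizedUri")},
        # AWS managed core rule set; rule groups use OverrideAction, not Action.
        {"Name": "aws-common-rules", "Priority": 2,
         "Statement": {"ManagedRuleGroupStatement": {
             "VendorName": "AWS", "Name": "AWSManagedRulesCommonRuleSet"}},
         "OverrideAction": {"None": {}},
         "VisibilityConfig": _visibility("awsCommonRules")},
    ]

def deploy(load_balancer_arn, name="malformed-request-acl"):
    import boto3  # imported here so build_rules() runs without AWS access
    waf = boto3.client("wafv2")
    acl = waf.create_web_acl(Name=name, Scope="REGIONAL",
                             DefaultAction={"Allow": {}}, Rules=build_rules(),
                             VisibilityConfig=_visibility(name.replace("-", "")))
    waf.associate_web_acl(WebACLArn=acl["Summary"]["ARN"],
                          ResourceArn=load_balancer_arn)
    return acl["Summary"]["ARN"]
```

Switching the two custom rules from `Block` to `Count` first lets you review sampled requests in CloudWatch before enforcing them.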

The other answer choices are not as relevant for this scenario:

  • AWS Application Load Balancer is a service that distributes incoming traffic across multiple EC2 instances. While it can help with availability and scalability, it does not provide security features to protect against attacks.
  • AWS Autoscaling is a service that automatically adjusts the number of EC2 instances in response to changes in demand. It does not provide security features to protect against attacks.
  • Network Access Control Lists (NACLs) are a security feature that acts as a firewall for controlling traffic at the subnet level. While they can be used to block traffic based on IP addresses, they do not provide the granular control and customization needed to block specific types of malformed HTTP requests.