ANS-C01 Domain 4: Network Security, Compliance, and Governance

What is the MOST appropriate AWS solution to protect L7 APIs from bots?

Multiple choice — select one answer

Answer choices

  1. a. API Gateway private REST APIs with VPC endpoint
  2. b. SSM Session Manager instead of bastion SSH
  3. c. Network Firewall domain list rules
  4. d. AWS WAF with Bot Control

Architectural breakdown & explanation

WAF mitigates application attacks.

Correct answer(s): d. AWS WAF with Bot Control

Exam domain: Domain 4: Network Security, Compliance, and Governance (24% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Advanced Networking – Specialty bank. Run a full timed practice exam with domain-weighted random questions in your browser.