ANS-C01 Domain 4: Network Security, Compliance, and Governance

A hybrid environment must support a goal to protect L7 APIs from bots without changing application code. What should you implement? protect L7 APIs from bots.

Multiple choice — select one answer

Answer choices

  1. a. SSM Session Manager instead of bastion SSH
  2. b. API Gateway private REST APIs with VPC endpoint
  3. c. API Gateway mutual TLS or ALB trust stores
  4. d. AWS WAF with Bot Control

Architectural breakdown & explanation

WAF mitigates application attacks.

Correct answer(s): d. AWS WAF with Bot Control

Exam domain: Domain 4: Network Security, Compliance, and Governance (24% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Advanced Networking – Specialty bank. Run a full timed practice exam with domain-weighted random questions in your browser.