Exam 5 - Question 36

[kalel552]

Which of the following services can be used to monitor the HTTP and HTTPS requests that are forwarded to Amazon CloudFront?

A. AWS WAF.
B. Amazon CloudWatch.
C. AWS Cloud9.
D. AWS CloudTrail.

I know there was an issue opened before and you said the B is the correct answer, but looking up the definition of WAF, this comes up:

AWS WAF is a web application firewall that lets you monitor the HTTP(S) requests that are forwarded to your protected web application resources. You can protect the following resource types:

Amazon CloudFront distribution
Amazon API Gateway REST API
Application Load Balancer
AWS AppSync GraphQL API
Amazon Cognito user pool
AWS App Runner service
AWS Verified Access instance

https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html

[furqann]

I think the question emphasizes on monitoring HTTP and HTTPS requests that are forwarded to Amazon CloudFront, if it has said how can you secure (blocking or allowing), then the answer must be AWS WAF but here it's only asking about monitoring which makes the Amazon CloudWatch more suitable since it has various metrics and you can even set alarms.

I hope this answers your question.

[kananinirav]

@furqann Agree with you. 💯
@kalel552 Please check for more details #201