Sampled Requests for AWS WAF on Application Load Balancer

Correct Answer: A.

AWS WAF has two different ways to check how WAF ACL rules protect a resource.

One-minute metrics can be used which are available in Amazon CloudWatch and are stored as per the time period configured with Amazon CloudWatch.

Another way is to use Sampling requests which can be viewed from the AWS WAF console and are stored for up to 3 hours.

Option B is incorrect as Sampled Web requests are available in the AWS WAF console and not in Amazon CloudWatch.

Option C is incorrect as Sampled Web requests are available in the AWS WAF console and not in Amazon CloudWatch.

These requests are stored for up to 3 hours and not 6 hours.

Option D is incorrect as Sampled Web requests are stored up to 3 hours and not 6 hours.

For more information on testing rules with AWS WAF, refer to the following URLs,

https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html#web-acl-testing-view-sample https://aws.amazon.com/waf/faqs/

AWS WAF (Web Application Firewall) is a web application firewall service that helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF can be used with Amazon CloudFront and Application Load Balancer to control and inspect web traffic to and from web applications.

When AWS WAF is configured with an Application Load Balancer, it can sample incoming web requests to the web application to help identify potential threats. The SysOps team has enabled sampling requests for the Application Load Balancer, which means that a subset of the incoming requests will be selected for inspection.

The Operations team is interested in the sampled requests and wants to know how long they will be stored and where they can access them. The correct statement for the sampled request is:

Option A: Sampled Web Requests are stored for up to 3 hours and are available in the AWS WAF management console.

This means that the sampled requests are stored for a maximum of 3 hours, and they can be accessed in the AWS WAF management console. The AWS WAF management console provides a graphical user interface (GUI) that allows users to create and manage web access control lists (ACLs) and rules, monitor web traffic, and view the results of AWS WAF inspections.

Option B: Sampled Web Requests are stored for up to 6 hours and are available in the Amazon CloudWatch console.

This statement is incorrect because sampled web requests are not stored in the Amazon CloudWatch console. CloudWatch is a monitoring and observability service that provides data and insights into AWS resources, applications, and services. CloudWatch can collect and store log data from various sources, including AWS WAF, but it does not store sampled web requests.

Option C: Sampled Web Requests are stored for up to 3 hours and are available in the Amazon CloudWatch console.

This statement is also incorrect because sampled web requests are not stored in the Amazon CloudWatch console. As explained above, CloudWatch does not store sampled web requests.

Option D: Sampled Web Requests are stored for up to 6 hours and are available in the AWS WAF management console.

This statement is incorrect because the correct time frame for storing sampled web requests is up to 3 hours, not 6 hours. Additionally, the statement suggests that the sampled requests can be accessed in the AWS WAF management console, which is correct, but it does not mention any other storage or access options.

In conclusion, the correct statement for the sampled request is that Sampled Web Requests are stored for up to 3 hours and are available in the AWS WAF management console.