Multiple Choice
Some highly sensitive analytics workloads are to be moved to Amazon EC2 hosts. Threat modeling has found that a risk exists where a subnet could be maliciously or accidentally exposed to the internet. Which of the following mitigations should be recommended?
A) Use AWS Config to detect whether an Internet Gateway is added and use an AWS Lambda function to provide auto-remediation.
B) Within the Amazon VPC configuration, mark the VPC as private and disable Elastic IP addresses.
C) Use IPv6 addressing exclusively on the EC2 hosts, as this prevents the hosts from being accessed from the internet.
D) Move the workload to a Dedicated Host, as this provides additional network security controls and monitoring.
Correct Answer:
Verified
Correct Answer:
Verified
Q218: The Security Engineer implemented a new vault
Q219: A company has Windows Amazon EC2 instances
Q220: The Security Engineer created a new AWS
Q221: A company needs to encrypt all of
Q222: A Security Administrator at a university is
Q224: A company uses AWS Organization to manage
Q225: A Software Engineer is trying to figure
Q226: A company has an application that uses
Q227: A development team is using an AWS
Q228: A Systems Administrator has written the following