Multiple Choice
The Security Engineer is managing a web application that processes highly sensitive personal information. The application runs on Amazon EC2. The application has strict compliance requirements, which instruct that all incoming traffic to the application is protected from common web exploits and that all outgoing traffic from the EC2 instances is restricted to specific whitelisted URLs. Which architecture should the Security Engineer use to meet these requirements?
A) Use AWS Shield to scan inbound traffic for web exploits. Use VPC Flow Logs and AWS Lambda to restrict egress traffic to specific whitelisted URLs.
B) Use AWS Shield to scan inbound traffic for web exploits. Use a third-party AWS Marketplace solution to restrict egress traffic to specific whitelisted URLs.
C) Use AWS WAF to scan inbound traffic for web exploits. Use VPC Flow Logs and AWS Lambda to restrict egress traffic to specific whitelisted URLs.
D) Use AWS WAF to scan inbound traffic for web exploits. Use a third-party AWS Marketplace solution to restrict egress traffic to specific whitelisted URLs.
Correct Answer:
Verified
Correct Answer:
Verified
Q1: A Security Engineer launches two Amazon EC2
Q2: A Systems Engineer is troubleshooting the connectivity
Q4: A Security Administrator is configuring an Amazon
Q5: A company has hundreds of AWS accounts,
Q6: A developer is building a serverless application
Q7: A Security Engineer received an AWS Abuse
Q8: A company wants to deploy a distributed
Q9: The Security team believes that a former
Q10: A Security Administrator has a website hosted
Q11: A company's security engineer has been asked