Multiple Choice
A web company is looking to implement an intrusion detection and prevention system into their deployed VPC. This platform should have the ability to scale to thousands of instances running inside of the VPC. How should they architect their solution to achieve these goals?
A) Configure an instance with monitoring software and the elastic network interface (ENI) set to promiscuous mode packet sniffing to see an traffic across the VPC.
B) Create a second VPC and route all traffic from the primary application VPC through the second VPC where the scalable virtualized IDS/IPS platform resides.
C) Configure servers running in the VPC using the host-based 'route' commands to send all traffic through the platform to a scalable virtualized IDS/IPS.
D) Configure each host with an agent that collects all network traffic and sends that traffic to the IDS/IPS platform for inspection.
Correct Answer:
Verified
Correct Answer:
Verified
Q107: A company has an Amazon EC2 deployment
Q108: A large company is migrating its entire
Q109: A company runs a public-facing application that
Q110: A company is using AWS CloudFormation to
Q111: A company hosts a legacy application that
Q113: Your company currently has a 2-tier web
Q114: An advisory firm is creating a secure
Q115: A large multinational company runs a timesheet
Q116: A company wants to move a web
Q117: A company is using multiple AWS accounts.