Multiple Choice
You are designing an intrusion detection prevention (IDS/IPS) solution for a customer web application in a single VPC. You are considering the options for implementing IOS IPS protection for traffic coming from the Internet. Which of the following options would you consider? (Choose 2 answers)
A) Implement IDS/IPS agents on each Instance running in VPC
B) Configure an instance in each subnet to switch its network interface card to promiscuous mode and analyze network traffic.
C) Implement Elastic Load Balancing with SSL listeners in front of the web applications
D) Implement a reverse proxy layer in front of web servers and configure IDS/IPS agents on each reverse proxy server.
Correct Answer:
Verified
Correct Answer:
Verified
Q702: The CISO of a large enterprise with
Q703: A retail company processes point-of-sale data on
Q704: In CloudFormation, you cannot create an Amazon
Q705: A company has an application that sells
Q706: In the context of AWS CloudFormation, which
Q708: A company has a media catalog with
Q709: To get started using AWS Direct Connect,
Q710: When I/O performance is more important than
Q711: A company has an application that generates
Q712: In the context of IAM roles for