Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam ANS-C01 Topic 1 Question 42 Discussion

Actual exam question for Amazon's ANS-C01 exam
Question #: 42
Topic #: 1
[All ANS-C01 Questions]

A company is planning to host external websites on AWS. The websites will include multiple tiers such as web servers, application logic services, and databases. The company wants to use AWS Network Firewall. AWS WAR and VPC security groups for network security.

The company must ensure that the Network Firewall firewalls are deployed appropriately within relevant VPCs. The company needs the ability to centrally manage policies that are deployed to Network Firewall and AWS WAF rules. The company also needs to allow application teams to manage their own security groups while ensuring that the security groups do not allow overly permissive access.

What is the MOST operationally efficient solution that meets these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: D

Contribute your Thoughts:

Charolette
1 months ago
Option D looks good, but I'm a little worried about the performance impact of using GuardDuty. Maybe we could use a custom Lambda function instead to keep things snappy.
upvoted 0 times
Cheryl
13 days ago
A: Option D sounds solid, but I agree, GuardDuty might slow things down.
upvoted 0 times
...
...
Lashaun
1 months ago
Hmm, this is a tough one. I'm leaning towards option C because it seems to offer the most centralized management of the security components. But I'm open to hearing what the other candidates think.
upvoted 0 times
...
Brock
1 months ago
I don't know, man. This whole cloud security thing is starting to make my head spin. I just want to write some code and not worry about all this networking mumbo jumbo.
upvoted 0 times
Lizbeth
13 days ago
D: Agreed, and using GuardDuty to monitor for any overly permissive rules is crucial for security.
upvoted 0 times
...
Victor
23 days ago
C: Option A seems like a good choice, using CloudFormation to deploy and manage the security objects.
upvoted 0 times
...
Kendra
28 days ago
B: Yeah, we need to figure out the best solution to meet the company's requirements.
upvoted 0 times
...
Shawna
29 days ago
A: I hear you, cloud security can be overwhelming. But it's important to make sure our websites are secure.
upvoted 0 times
...
...
Nan
1 months ago
I'm not sure, but I think option C could also be a good choice. It involves using AWS Firewall Manager for managing the security groups.
upvoted 0 times
...
Elenor
2 months ago
I agree with Douglass. Option D seems to cover all the requirements effectively.
upvoted 0 times
...
Douglass
2 months ago
I think the most operationally efficient solution is option D.
upvoted 0 times
...
Fannie
2 months ago
Option D looks good, but I'm not sure about using Amazon GuardDuty to monitor for overly permissive rules. Wouldn't it be better to use a more robust solution like AWS Config or AWS Security Hub?
upvoted 0 times
...
Kattie
2 months ago
This seems like a pretty straightforward question. I think option D is the best solution as it allows for centralized management of the security policies while still giving the application teams the ability to manage their own security groups.
upvoted 0 times
Jacquline
21 days ago
It's important to strike a balance between centralized control and allowing application teams some autonomy.
upvoted 0 times
...
Natalya
1 months ago
Centralized management of security policies is crucial for maintaining a secure environment.
upvoted 0 times
...
Scarlet
1 months ago
I think using AWS CloudFormation for deployment and AWS Firewall Manager for management is a good approach.
upvoted 0 times
...
Leslee
1 months ago
I agree, option D seems like the most efficient solution for this scenario.
upvoted 0 times
...
...

Save Cancel