Amazon Exam SCS-C01 Topic 2 Question 5 Discussion

Actual exam question for Amazon's SCS-C01 exam

Question #: 5
Topic #: 2

An application is currently secured using network access control lists and security groups. Web servers are located in public subnets behind an Application Load Balancer (ALB); application servers are located in private subnets.

How can edge security be enhanced to safeguard the Amazon EC2 instances against attack? (Choose two.)

AConfigure the application's EC2 instances to use NAT gateways for all inbound traffic.

BMove the web servers to private subnets without public IP addresses.

CConfigure AWS WAF to provide DDoS attack protection for the ALB.

DRequire all inbound network traffic to route through a bastion host in the private subnet.

ERequire all inbound and outbound network traffic to route through an AWS Direct Connect connection.

Show Suggested Answer

Suggested Answer: B, C

by Herminia at May 09, 2022, 02:04 AM

Limited Time Offer

25%

Off

Get Premium SCS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!