
Answer-first summary for fast verification
Answer: Place a Gateway Load Balancer in the inspection VPC, with an endpoint to capture and forward incoming traffic to the firewall.
The correct answer is D. Deploying a Gateway Load Balancer in the inspection VPC and creating a Gateway Load Balancer endpoint to receive the incoming packets and forward them to the appliance offers the least operational overhead. This setup allows the firewall to inspect traffic efficiently, leveraging the capabilities of the Gateway Load Balancer specifically designed for such scenarios. This method simplifies the traffic flow management without the need for complex routing configurations or additional infrastructure, making it the optimal solution with minimal operational overhead.
Author: LeetQuiz Editorial Team
In an AWS environment, a company's three-tier web application has web servers in a public subnet and application/database servers in private subnets within the same VPC. A third-party virtual firewall from AWS Marketplace is deployed in an inspection VPC for packet inspection. What is the least operationally intensive method to integrate this firewall with the web application to inspect incoming traffic before it hits the web server?
A. Utilize a Network Load Balancer in the application's public subnet to direct traffic to the firewall for inspection.
B. Implement an Application Load Balancer in the public subnet to route traffic to the firewall.
C. Establish a transit gateway in the inspection VPC, setting up route tables for traffic to pass through the gateway.
D. Place a Gateway Load Balancer in the inspection VPC, with an endpoint to capture and forward incoming traffic to the firewall.