Answer-first summary for fast verification
Answer: Place the application in a private subnet and use a NAT gateway to provide internet access for outbound traffic.
Option B is the correct answer. Placing the application in a private subnet and using a NAT gateway to provide internet access for outbound traffic is a secure way to allow the application to access the internet without exposing it to potential security threats. This approach ensures that the application is not directly accessible from the internet, reducing the attack surface. Option A exposes the application to the internet, which is not secure. Option C, while allowing access to public endpoints, does not provide the same level of security as using a NAT gateway. Option D, allowing open access to the internet, is not recommended and can lead to security vulnerabilities.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your company is using AWS to host a web application that requires access to the internet for certain operations. You want to ensure that this access is secure and does not expose the application to potential security threats. Which of the following steps should you take to achieve this?
A
Place the application in a public subnet with an internet gateway attached to the VPC.
B
Place the application in a private subnet and use a NAT gateway to provide internet access for outbound traffic.
C
Enable access to the public endpoints of required services and allow the application to communicate directly with them.
D
Create a security group with open access to the internet for the application.
No comments yet.