
Answer-first summary for fast verification
Answer: Create a customer-managed prefix list. Add entries for the initial list of on-premises IPv4 hosts. Create a resource share in AWS Resource Access Manager. Add the managed prefix list to the resource share. Share the resource with the organization.
The correct solution must allow for the management of a list of IPv4 addresses with version control and make this list available to multiple AWS accounts within an organization.
Option A is correct because it involves creating a customer-managed prefix list, which can be used to manage a list of IP addresses. By adding this prefix list to a resource share in AWS Resource Access Manager (RAM) and sharing it with the organization, it ensures that the list is available to all AWS accounts within the organization. This approach also inherently supports version control through the management of the prefix list.
Option B is incorrect because AWS Firewall Manager is used for managing and deploying AWS WAF rules across accounts and applications, not for sharing prefix lists.
Option C is incorrect because security groups do not support version control of IP address lists.
Option D is incorrect because while DynamoDB can store the list of IP addresses, the solution involves a more complex and less direct method of applying these IP addresses to security groups across accounts, and it does not inherently support version control of the IP list.
Author: LeetQuiz Editorial Team
A company operates a hybrid cloud setup with multiple AWS accounts organized under AWS Organizations. They require a solution to manage and maintain a version-controlled list of IPv4 addresses for on-premises hosts that are permitted to access AWS resources. The solution must also ensure this list is accessible to all AWS accounts within the organization.
Which solution meets these requirements?
A
Create a customer-managed prefix list. Add entries for the initial list of on-premises IPv4 hosts. Create a resource share in AWS Resource Access Manager. Add the managed prefix list to the resource share. Share the resource with the organization.
B
Create a customer-managed prefix list. Add entries for the initial list of on-premises IPv4 hosts. Use AWS Firewall Manager to share the managed prefix list with the organization.
C
Create a security group. Add inbound rule entries for the initial list of on-premises IPv4 hosts. Create a resource share in AWS Resource Access Manager. Add the security group to the resource share. Share the resource with the organization.
D
Create an Amazon DynamoDB table. Add entries for the initial list of on-premises IPv4 hosts. Create an AWS Lambda function that assumes a role in each AWS account in the organization to authorize inbound rules on security groups based on entries from the DynamoDB table.