A banking company operates its public mobile banking stack on AWS within a VPC containing private and public subnets, using IPv4 networking without IPv6 support. The company must integrate a third-party API that requires IPv6 connectivity. The network engineer enables IPv6 in the VPC and private subnets but must ensure that IPv6 traffic from the public internet is blocked and that only the company's servers can initiate IPv6 connections. Which solution meets these requirements? | AWS Certified Advanced Networking - Specialty Quiz