
Answer-first summary for fast verification
Answer: Define Network Firewall firewalls, AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups in code. Use AWS CloudFormation to deploy the objects and initial policies and rule groups. Use AWS Firewall Manager to manage the AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups. Use Amazon GuardDuty to monitor for overly permissive rules.
The most operationally efficient solution that meets the company's requirements is to use AWS Firewall Manager for centralized management of AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups, while also leveraging AWS CloudFormation for the initial deployment and definition of these resources in code. This approach allows for the centralized management of security policies and rules, ensuring consistency and compliance across the environment. Additionally, using Amazon GuardDuty to monitor for overly permissive rules adds an extra layer of security by identifying and alerting on potential security risks. Option D is the correct choice because it combines the use of AWS CloudFormation for initial deployment and AWS Firewall Manager for ongoing management, along with Amazon GuardDuty for monitoring, which aligns with the company's requirements for operational efficiency, centralized policy management, and security monitoring.
Author: LeetQuiz Editorial Team
What is the MOST operationally efficient solution for a company hosting external websites on AWS with multiple tiers (web servers, application logic services, and databases) that ensures appropriate deployment of AWS Network Firewall within relevant VPCs, enables centralized management of Network Firewall policies and AWS WAF rules, and allows application teams to manage their own security groups while preventing overly permissive access?
A
Define Network Firewall firewalls, AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups in code. Use AWS CloudFormation to deploy the objects and initial policies and rule groups. Use CloudFormation to update the AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups. Use Amazon GuardDuty to monitor for overly permissive rules.
B
Define Network Firewall firewalls, AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups in code. Use the AWS Management Console or the AWS CLI to manage the AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups. Use Amazon GuardDuty to invoke an AWS Lambda function to evaluate the configured rules and remove any overly permissive rules.
C
Deploy AWS WAFv2 IP sets and AWS WAFv2 web ACLs with AWS CloudFormation. Use AWS Firewall Manager to deploy Network Firewall firewalls and VPC security groups where required and to manage the AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups.
D
Define Network Firewall firewalls, AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups in code. Use AWS CloudFormation to deploy the objects and initial policies and rule groups. Use AWS Firewall Manager to manage the AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups. Use Amazon GuardDuty to monitor for overly permissive rules.