AWS Certified Advanced Networking - Specialty
Get started today
Ultimate access to all questions.
What is the MOST operationally efficient solution for a company hosting external websites on AWS with multiple tiers (web servers, application logic services, and databases) that ensures appropriate deployment of AWS Network Firewall within relevant VPCs, enables centralized management of Network Firewall policies and AWS WAF rules, and allows application teams to manage their own security groups while preventing overly permissive access?
What is the MOST operationally efficient solution for a company hosting external websites on AWS with multiple tiers (web servers, application logic services, and databases) that ensures appropriate deployment of AWS Network Firewall within relevant VPCs, enables centralized management of Network Firewall policies and AWS WAF rules, and allows application teams to manage their own security groups while preventing overly permissive access?
Exam-Like
A
Define Network Firewall firewalls, AWS WAFV2 web ACLs. Network Firewall policies, and VPC security groups in code. Use AWS CloudFormation to deploy the objects and initial policies and rule groups. Use CloudFormation to update the AWS WAFv2 web ACLs. Network Firewall policies, and VPC security groups. Use Amazon GuardDuty to monitor for overly permissive rules.
B
Define Network Firewall firewalls. AWS WAFV2 web ACLs, Network Firewall policies, and VPC security groups in code. Use the AWS Management Console or the AWS CLI to manage the AWS WAFv2 web ACLs. Network Firewall policies, and VPC security groups. Use Amazon GuardDuly to invoke an AWS Lambda function to evaluate the configured rules and remove any overly permissive rules.
Comments
Loading comments...