Ultimate access to all questions.
Answer-first summary for fast verification
Answer: AWS Network Firewall
## Explanation Among the given options, **AWS Network Firewall** is the most appropriate choice for this requirement because: - **AWS Network Firewall** is a stateful firewall service that can filter traffic at the network level, including blocking access to specific websites based on domain names or IP addresses - It can be configured with custom rules to deny outbound traffic to known malicious websites - It operates at the VPC level, which can protect Amazon WorkSpaces instances running within the VPC ### Why the other options are not suitable: - **AWS Shield Advanced**: This is a DDoS protection service that protects against distributed denial-of-service attacks, not for blocking specific websites - **Amazon Route 53**: This is a DNS service for domain name resolution, not for website blocking - **Amazon GuardDuty**: This is a threat detection service that monitors for suspicious activity and potential threats, but it doesn't actively block access to websites ### Important Note: While AWS Network Firewall can help with network-level blocking, it's worth noting that for comprehensive endpoint web filtering on virtual desktops like Amazon WorkSpaces, companies often use: - Third-party endpoint security solutions - Cloud-based web filtering services (like Zscaler, Cisco Umbrella) - DNS filtering services - Browser security extensions However, among the AWS-native options provided, AWS Network Firewall is the most relevant for this network-level filtering requirement.
Author: Ritesh Yadav
No comments yet.
A company provides Amazon WorkSpaces to its remote employees. The company wants to prevent employees from using their virtual desktops to visit specific websites that are known to be malicious. Which AWS service should the company use to meet this requirement?
A
AWS Shield Advanced
B
Amazon Route 53
C
Amazon GuardDuty
D
AWS Network Firewall