Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Amazon Exam ANS-C01 Topic 1 Question 42 Discussion

Actual exam question for Amazon's ANS-C01 exam
Question #: 42
Topic #: 1
[All ANS-C01 Questions]

A company is planning to host external websites on AWS. The websites will include multiple tiers such as web servers, application logic services, and databases. The company wants to use AWS Network Firewall. AWS WAR and VPC security groups for network security.

The company must ensure that the Network Firewall firewalls are deployed appropriately within relevant VPCs. The company needs the ability to centrally manage policies that are deployed to Network Firewall and AWS WAF rules. The company also needs to allow application teams to manage their own security groups while ensuring that the security groups do not allow overly permissive access.

What is the MOST operationally efficient solution that meets these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Lucia at Nov 19, 2024, 01:36 AM

Limited Time Offer

25%

Off

Get Premium ANS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Charolette
1 days ago
Option D looks good, but I'm a little worried about the performance impact of using GuardDuty. Maybe we could use a custom Lambda function instead to keep things snappy.
upvoted 0 times
...
Lashaun
4 days ago
Hmm, this is a tough one. I'm leaning towards option C because it seems to offer the most centralized management of the security components. But I'm open to hearing what the other candidates think.
upvoted 0 times
...
Brock
5 days ago
I don't know, man. This whole cloud security thing is starting to make my head spin. I just want to write some code and not worry about all this networking mumbo jumbo.
upvoted 0 times
...
Nan
12 days ago
I'm not sure, but I think option C could also be a good choice. It involves using AWS Firewall Manager for managing the security groups.
upvoted 0 times
...
Elenor
14 days ago
I agree with Douglass. Option D seems to cover all the requirements effectively.
upvoted 0 times
...
Douglass
18 days ago
I think the most operationally efficient solution is option D.
upvoted 0 times
...
Fannie
18 days ago
Option D looks good, but I'm not sure about using Amazon GuardDuty to monitor for overly permissive rules. Wouldn't it be better to use a more robust solution like AWS Config or AWS Security Hub?
upvoted 0 times
...
Kattie
19 days ago
This seems like a pretty straightforward question. I think option D is the best solution as it allows for centralized management of the security policies while still giving the application teams the ability to manage their own security groups.
upvoted 0 times
Natalya
2 days ago
Centralized management of security policies is crucial for maintaining a secure environment.
upvoted 0 times
...
Scarlet
7 days ago
I think using AWS CloudFormation for deployment and AWS Firewall Manager for management is a good approach.
upvoted 0 times
...
Leslee
8 days ago
I agree, option D seems like the most efficient solution for this scenario.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77