ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 11 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C02
Question #: 11
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C02 Questions]

A company serves content to its subscribers across the world using an application running on AWS. The application has several Amazon EC2 instances in a private subnet behind an Application Load Balancer (ALB). Due to a recent change in copyright restrictions, the chief information officer (CIO) wants to block access for certain countries.
Which action will meet these requirements?

  • A. Modify the ALB security group to deny incoming traffic from blocked countries.
  • B. Modify the security group for EC2 instances to deny incoming traffic from blocked countries.
  • C. Use Amazon CloudFront to serve the application and deny access to blocked countries.
  • D. Use ALB listener rules to return access denied responses to incoming traffic from blocked countries.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by malefin280 at June 1, 2020, 1:21 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
NaveedNZ
Highly Voted 3 years, 9 months ago
C is the right answer with Cloud front Geo restriction
upvoted 61 times
...
Kossa
Highly Voted 3 years, 9 months ago
Ans is C https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html
upvoted 24 times
...
48cd959
Most Recent 1 year, 3 months ago
Selected Answer: C
Answer -C , Logic is you can't stop traffic from ALB using security groups. SG are whitelsting rather than black listing. Always use Cloudfront if you want to block any traffic coming to ALB.
upvoted 1 times
...
Sachin032
2 years, 5 months ago
Selected Answer: A
Its mentioned web application only so i believe ALB can restrict the access.
upvoted 1 times
...
Suya
2 years, 10 months ago
I will go with C
upvoted 1 times
...
bikshu
2 years, 10 months ago
i will go with C
upvoted 1 times
...
queen101
2 years, 10 months ago
C is correct answer here.
upvoted 1 times
...
marklovesaws143
2 years, 11 months ago
Selected Answer: C
CCCCCCCCCCCCCCCC
upvoted 1 times
...
HogwartsTrue
2 years, 11 months ago
Answer is C
upvoted 1 times
...
HogwartsTrue
2 years, 12 months ago
Selected Answer: C
C is the right answer
upvoted 1 times
...
ramireze
3 years, 2 months ago
C is the correct answer
upvoted 1 times
...
neeru470
3 years, 4 months ago
wrote exam on 06-02-2022, this question appeared on the test, selected c
upvoted 4 times
...
joe2211
3 years, 6 months ago
Selected Answer: C
vote C
upvoted 1 times
...
karthisena
3 years, 7 months ago
Explanation: When a user requests your content, CloudFront typically serves the requested content regardless of where the user is located. If you need to prevent users in specific countries from accessing your content, you can use the CloudFront geo restriction feature to do one of the following: Allow your users to access your content only if they're in one of the countries on a whitelist of approved countries. Prevent your users from accessing your content if they're in one of the countries on a blacklist of banned countries. For example, if a request comes from a country where, for copyright reasons, you are not authorized to distribute your content, you can use CloudFront geo restriction to block the request. This is the easiest and most effective way to implement a geographic restriction for the delivery of content.
upvoted 9 times
...
Rupesh1987
3 years, 7 months ago
Right Answer is C. In cloudfront distribution you could blacklist and white countries as your application requirements.
upvoted 2 times
...
jkwek
3 years, 7 months ago
C is correct https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html You can use geo restriction, also known as geo blocking, to prevent users in specific geographic locations from accessing content that you're distributing through a CloudFront distribution.
upvoted 1 times
...
Rajendra
3 years, 7 months ago
C. Cloudfront has abilitity to restrict countries with geolocation blocking feature.
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel