ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 16 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 16
Topic #: 1
[All AWS Certified Security - Specialty Questions]

A company has complex connectivity rules governing ingress, egress, and communications between Amazon EC2 instances. The rules are so complex that they cannot be implemented within the limits of the maximum number of security groups and network access control lists (network ACLs).
What mechanism will allow the company to implement all required network rules without incurring additional cost?

  • A. Configure AWS WAF rules to implement the required rules.
  • B. Use the operating system built-in, host-based firewall to implement the required rules.
  • C. Use a NAT gateway to control ingress and egress according to the requirements.
  • D. Launch an EC2-based firewall product from the AWS Marketplace, and implement the required rules in that product.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by BillyC at Aug. 25, 2019, 5:20 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
BillyC
Highly Voted 3 years, 8 months ago
B = without incurring additional cost
upvoted 27 times
...
Bach999
Highly Voted 3 years, 8 months ago
This question in my exam on 2020-Feb-19.
upvoted 9 times
...
Benah
Most Recent 1 year, 8 months ago
B is correct Use the operating system's built-in, host-based firewall to implement the required rules
upvoted 1 times
...
gg12345
2 years, 6 months ago
Selected Answer: B
A = Extra Cost Nat = Not fit for purpose EC2 from marketplace = Additional cost
upvoted 5 times
Robert0
2 years ago
The right train of thoughts
upvoted 1 times
...
David44
1 year, 11 months ago
A = WAF is not really a good solution between EC2.
upvoted 1 times
...
...
Mr__
2 years, 8 months ago
Selected Answer: B
B is right
upvoted 1 times
...
teo2157
3 years, 1 month ago
Selected Answer: B
The key here is "no cost", so answer points to B
upvoted 2 times
...
jj22222
3 years, 5 months ago
B looks right
upvoted 1 times
...
sanjaym
3 years, 7 months ago
Ans: B 100%
upvoted 3 times
...
nasreenazad57
3 years, 7 months ago
B is correct - no additional cost
upvoted 3 times
...
devjava
3 years, 7 months ago
Ans > B
upvoted 3 times
...
AfricanCloudGuru
3 years, 7 months ago
Ans (B)
upvoted 3 times
...
AfricanCloudGuru
3 years, 7 months ago
Ans (B)
upvoted 1 times
...
ninadv
3 years, 7 months ago
B.Host based firewall is the only way to implement this scenarion. All other options are not valid.
upvoted 1 times
...
enthuguys
3 years, 7 months ago
Correct as Billy said. B = without incurring additional cost
upvoted 1 times
...
tomtom2020
3 years, 7 months ago
Yes, B (built in function)
upvoted 1 times
...
RaySmith
3 years, 7 months ago
B is correct
upvoted 1 times
...
ryanle
3 years, 7 months ago
B: if using reach AWS limit, it need to implement your own rule on system
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel