ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam ANS-C00 All Questions

View all questions & answers for the ANS-C00 exam
Go to Exam

Exam ANS-C00 topic 1 question 252 discussion

Exam question from Amazon's ANS-C00
Question #: 252
Topic #: 1
[All ANS-C00 Questions]

Your website utilizes EC2, S3, ELB-Classic, and CloudFront. Your manager has shifted focus to security and wants you to ensure the site is as secure as possible. What two items could you recommend? (Choose two.)

  • A. An NACL that blocks all ports to your subnets.
  • B. A restricted bucket policy.
  • C. A WAF on the load balancer.
  • D. A WAF on your CloudFront distribution.
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
A WAF on CloudFront and a restricted bucket policy to ensure the only access is from CloudFront. You cannot apply a WAF to a classic load balancer and an
NACL that blocks all ports would block access to the load balancer.
by JamesTR at March 12, 2021, 4:13 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
awspro2021
Highly Voted 3 years, 8 months ago
B. A restricted bucket policy. D. A WAF on your CloudFront distribution.
upvoted 6 times
...
ChauPhan
Most Recent 3 years, 7 months ago
B. A restricted bucket policy. D. A WAF on your CloudFront distribution.
upvoted 2 times
...
JamesTR
3 years, 8 months ago
BD looks fine to me
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel