Topic 1 Question 203

AWS Certified Advanced Networking - Specialty

Topic 1 Question 203
A company is planning to host external websites on AWS. The websites will include multiple tiers such as web servers, application logic services, and databases. The company wants to use AWS Network Firewall, AWS WAF, and VPC security groups for network security.

The company must ensure that the Network Firewall firewalls are deployed appropriately within relevant VPCs. The company needs the ability to centrally manage policies that are deployed to Network Firewall and AWS WAF rules. The company also needs to allow application teams to manage their own security groups while ensuring that the security groups do not allow overly permissive access.

What is the MOST operationally efficient solution that meets these requirements?
- Define Network Firewall firewalls, AWS WAFV2 web ACLs. Network Firewall policies, and VPC security groups in code. Use AWS CloudFormation to deploy the objects and initial policies and rule groups. Use CloudFormation to update the AWS WAFv2 web ACLs. Network Firewall policies, and VPC security groups. Use Amazon GuardDuty to monitor for overly permissive rules.
- Define Network Firewall firewalls. AWS WAFV2 web ACLs, Network Firewall policies, and VPC security groups in code. Use the AWS Management Console or the AWS CLI to manage the AWS WAFv2 web ACLs. Network Firewall policies, and VPC security groups. Use Amazon GuardDuly to invoke an AWS Lambda function to evaluate the configured rules and remove any overly permissive rules.
- Deploy AWS WAFv2 IP sets and AWS WAFv2 web ACLs with AWS CloudFormation. Use AWS Firewall Manager to deploy Network Firewall firewalls and VPC security groups where required and to manage the AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups.
- Define Network Firewall firewalls, AWS WAFv2 web ACLS, Network Firewall policies, and VPC security groups in code. Use AWS CloudFarmation to deploy the objects and initial policies and rule groups. Use AWS Firewall Manager to manage the AWS WAFV2 web ACLS, Network Firewall policies, and VPC security groups. Use Amazon GuardDuty to monitor for overly permissive rules.
ユーザの投票
コメント(4)
- 正解だと思う選択肢: D
  Answer is D
  
  👍 3
  aragon_saa2024/08/13
- 正解だと思う選択肢: D
  The correct answer is indeed D. Define Network Firewall firewalls, AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups in code. Use AWS CloudFormation to deploy the objects and initial policies and rule groups. Use AWS Firewall Manager to manage the AWS WAFv2 web ACLs, Network Firewall policies, and VPC security groups. Use Amazon GuardDuty to monitor for overly permissive rules.
  
  👍 3
  AzureDP9002024/12/28
- 正解だと思う選択肢: D
  Firewall Manager makes it easier to centrally configure and manage AWS WAF, AWS Shield Advanced, and VPC security group policies across multiple accounts and applications in an AWS Organization. It also manages AWS Network Firewall policies.
  
  👍 2
  Cacheirez2024/08/13
シャッフルモード

ユーザの投票

コメント(4)