Topic 1 Question 209
Select 3
A company has VPCs across 50 AWS accounts and is using AWS Organizations. The company wants to implement web filtering. The requirements for how the traffic must be filtered are the same for all the VPCs. A network engineer plans to use AWS Network Firewall. The network engineer needs to implement a solution that minimizes the number of firewall policies and rule groups that are necessary for this web filtering.
Which combination of steps will meet these requirements?
A. Create a firewall policy or rule group in each account.
B. Use SCPs to share the firewall policy or rule group.
C. Create a firewall policy or rule group in the management account.
D. Use AWS Resource Access Manager (AWS RAM) to share the firewall policy or rule group.
E. Enable sharing within Organizations.
F. Create OUs to share the firewall policy or rule group.
Comments (6)
- Selected answer: CDE
By creating the firewall policy or rule group in the management account (the central account in AWS Organizations), the engineer can manage these policies centrally, which reduces the need to create and manage separate policies in each of the 50 accounts.
AWS RAM allows you to share AWS resources, such as firewall policies and rule groups, across multiple AWS accounts within your organization. This helps minimize the number of policies that need to be created and ensures consistent web filtering across all accounts.
Enabling sharing within AWS Organizations allows the resources shared via AWS RAM (such as firewall policies and rule groups) to be accessed by all accounts within the organization. This facilitates the centralized management and application of the web filtering rules across all VPCs in the 50 accounts.
👍 2 Cacheirez 2024/08/13
- Selected answer: CDE
Answer is CDE
👍 2 aragon_saa 2024/08/13
- Selected answer: ADE
This combination provides a comprehensive solution to prevent SQL injection attacks:
Create a WAF web ACL with appropriate rules
Use ALB that can be integrated with WAF
Associate WAF with ALB for practical application protection
Options B and F are not necessary because the application is internal and does not need CloudFront distribution.
Option D is not applicable because NLB cannot be directly integrated with WAF.
By implementing these three steps, the company can significantly improve the defense ability of its applications against SQL injection attacks.
👍 1 hcong 2024/08/21