Topic 1 Question 242
A company is planning to host a secure web application across multiple Amazon EC2 instances. The application will have an associated DNS domain in an Amazon Route 53 hosted zone.
The company wants to protect the domain from DNS poisoning attacks. The company also wants to allow web browsers to authenticate into the application by using a trusted third party.
Which combination of actions will meet these requirements?
Configure the Route 53 hosted zone to use DNS Security Extensions (DNSSEC). Install self-signed X.509 certificates on the EC2 instances.
Configure a Name Authority Pointer (NAPTR) record in the Route 53 hosted zone. Install X 509 certificates that are signed by a public certificate authority on the EC2 instances.
Configure the Route 53 hosted zone to use DNS Security Extensions (DNSSEC). Install X.509 certificates that are signed by a public certificate authority on the EC2 instances.
Configure a Name Authority Pointer (NAPTR) record in the Route 53 hosted zone. Install self-signed X.509 certificates on the EC2 instances.
ユーザの投票
コメント(2)
- 正解だと思う選択肢: C
C: DNSSEC will protect against DNS poisoning NAPTR is not relevant for this usage
👍 2c1193d42025/01/06 - 正解だと思う選択肢: C
• A protocol for securing DNS traffic, verifies DNS data integrity and origin • Works only with Public Hosted Zones
👍 2woorkim2025/01/11
シャッフルモード