A Security Engineer must add additional protection to a legacy web application by adding the following HTTP security headers: -Content Security-Policy -X-Frame-Options -X-XSS-Protection The Engineer does not have access to the source code of the legacy web application. Which of the following approaches would meet this requirement?
A) Configure an Amazon Route 53 routing policy to send all web traffic that does not include the required headers to a black hole.
B) Implement an AWS Lambda@Edge origin response function that inserts the required headers.
C) Migrate the legacy application to an Amazon S3 static website and front it with an Amazon CloudFront distribution.
D) Construct an AWS WAF rule to replace existing HTTP headers with the required security headers by using regular expressions.
Correct Answer:
Verified
Q51: The Security Engineer has discovered that a
Q52: An organization is using AWS CloudTrail, Amazon
Q53: A Security Architect is evaluating managed solutions
Q54: A company has a forensic logging use
Q55: A company has two AWS accounts, each
Q57: In response to the past DDoS attack
Q58: During a security event, it is discovered
Q59: A company plans to move most of
Q60: A Security Engineer must design a system
Q61: A Security Engineer for a large company
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents