A company has deployed a custom DNS server in AWS. The Security Engineer wants to ensure that Amazon EC2 instances cannot use the Amazon-provided DNS. How can the Security Engineer block access to the Amazon-provided DNS in the VPC?
A) Deny access to the Amazon DNS IP within all security groups.
B) Add a rule to all network access control lists that deny access to the Amazon DNS IP.
C) Add a route to all route tables that black holes traffic to the Amazon DNS IP.
D) Disable DNS resolution within the VPC configuration.
Correct Answer:
Verified
Q17: An application is currently secured using network
Q18: A Security Engineer must enforce the use
Q19: A company requires that IP packet data
Q20: A company has complex connectivity rules governing
Q21: An application outputs logs to a text
Q23: An organization has tens of applications deployed
Q24: A Security Administrator is configuring an Amazon
Q25: A Software Engineer is trying to figure
Q26: Which of the following minimizes the potential
Q27: An organization is moving non-business-critical applications to
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents