Some highly sensitive analytics workloads are to be moved to Amazon EC2 hosts. Threat modeling has found that a risk exists where a subnet could be maliciously or accidentally exposed to the internet. Which of the following mitigations should be recommended?
A) Use AWS Config to detect whether an Internet Gateway is added and use an AWS Lambda function to provide auto-remediation.
B) Within the Amazon VPC configuration, mark the VPC as private and disable Elastic IP addresses.
C) Use IPv6 addressing exclusively on the EC2 hosts, as this prevents the hosts from being accessed from the internet.
D) Move the workload to a Dedicated Host, as this provides additional network security controls and monitoring.
Correct Answer:
Verified
Q38: A pharmaceutical company has digitized versions of
Q39: An application has been written that publishes
Q40: A Security Engineer has been asked to
Q41: A Development team has asked for help
Q42: The Security Engineer is managing a traditional
Q44: A Developer who is following AWS best
Q45: A company runs an application on AWS
Q46: A Systems Administrator has written the following
Q47: A Security Analyst attempted to troubleshoot the
Q48: An organization operates a web application that
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents