A company is performing an AWS Well-Architected Framework review of an existing workload deployed on AWS. The review identified a public-facing website running on the same Amazon EC2 instance as a Microsoft Active Directory domain controller that was install recently to support other AWS services. A solutions architect needs to recommend a new design that would improve the security of the architecture and minimize the administrative demand on IT staff. What should the solutions architect recommend?
A) Use AWS Directory Service to create a managed Active Directory. Uninstall Active Directory on the current EC2 instance.
B) Create another EC2 instance in the same subnet and reinstall Active Directory on it. Uninstall Active Directory.
C) Use AWS Directory Service to create an Active Directory connector. Proxy Active Directory requests to the Active domain controller running on the current EC2 instance.
D) Enable AWS Single Sign-On (AWS SSO) with Security Assertion Markup Language (SAML) 2.0 federation with the current Active Directory controller. Modify the EC2 instance's security group to deny public access to Active Directory.
Correct Answer:
Verified
Q429: A company is building a website that
Q430: A company uses Amazon S3 as its
Q431: A company is migrating to the AWS
Q432: A solutions architect is designing a high
Q433: A company has established a new AWS
Q435: A company is designing a web application
Q436: A solutions architect at an ecommerce company
Q437: A solutions architect is designing an application
Q438: A company has global users accessing an
Q439: A database is on an Amazon RDS
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents