Amazon Web Services Amazon AWS Certified Advanced Networking - Specialty ANS-C01 Question # 41 Topic 5 Discussion

ANS-C01 Exam Topic 5 Question 41 Discussion:

A company uses AWS Network Firewall to protect outgoing traffic for multiple VPCs that are in the same AWS account. Each VPC contains Amazon EC2 instances that host the company's applications. Each EC2 instance is tagged with the name of the application it hosts. The EC2 instances are in Auto Scaling groups.

A Network Firewall stateful rule group must remain up-to-date, even when an Auto Scaling group launches and terminates EC2 instances.

Which solution will meet this requirement with the LEAST implementation and administrative effort?


A. Create a network ACL for each application. Reference the network ACL in the stateful rule group.

B. Create a prefix list for each application. Reference the prefix list in the stateful rule group.

C. Create an AWS Lambda function that queries the EC2 instance tags for each application name and then updates the stateful rule group with the IP address of each instance.

D. Create a resource group for each application name. Reference the Amazon Resource Name (ARN) for the resource groups in the stateful rule group.

