1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Specialty
  5. SCS-C02 Discussions
  6. SCS-C02 Exam Topic 7 Question 61 Discussion

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 61 Topic 7 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 61 Topic 7 Discussion

SCS-C02 Exam Topic 7 Question 61 Discussion:
Question #: 61
Topic #: 7

A company needs to use HTTPS when connecting to its web applications to meet compliance requirements. These web applications run in Amazon VPC on Amazon EC2 instances behind an Application Load Balancer (ALB). A security engineer wants to ensure that the load balancer win only accept connections over port 443. even if the ALB is mistakenly configured with an HTTP listener

Which configuration steps should the security engineer take to accomplish this task?
A.

Create a security group with a rule that denies Inbound connections from 0.0.0 0/0 on port 00. Attach this security group to the ALB to overwrite more permissive rules from the ALB's default securitygroup.

B.

Create a network ACL that denies inbound connections from 0 0.0.0/0 on port 80 Associatethe network ACL with the VPC s internet gateway

C.

Create a network ACL that allows outbound connections to the VPC IP range on port 443 only. Associate the network ACL with the VPC's internet gateway.

D.

Create a security group with a single inbound rule that allows connections from 0.0.0 0/0 on port 443. Ensure this security group is the only one associated with the ALB

Get Premium SCS-C02 Questions
Actual exam question for Amazon Web Services SCS-C02 exam by Milo37065 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next