Amazon Web Services AWS Certified Security – Specialty SCS-C03 Question # 29 Topic 3 Discussion

SCS-C03 Exam Topic 3 Question 29 Discussion:

Question #: 29

Topic #: 3

A company runs ECS services behind an internet-facing ALB that is the origin for CloudFront. An AWS WAF web ACL is associated with CloudFront, but clients can bypass it by accessing the ALB directly.
Which solution will prevent direct access to the ALB?

Use AWS PrivateLink with the ALB.

Replace the ALB with an internal ALB.

Restrict ALB listener rules to CloudFront IP ranges.

Require a custom header from CloudFront and validate it at the ALB.

Get Premium SCS-C03 Questions

Actual exam question for Amazon Web Services SCS-C03 exam by Talon17302 at Feb 10, 2026, 8:01:21 PM

Contribute your Thoughts:

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Amazon Web Services AWS Certified Security – Specialty SCS-C03 Question # 29 Topic 3 Discussion

Amazon Web Services AWS Certified Security – Specialty SCS-C03 Question # 29 Topic 3 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Amazon Web Services AWS Certified Security – Specialty SCS-C03 Question # 29 Topic 3 Discussion

Amazon Web Services AWS Certified Security – Specialty SCS-C03 Question # 29 Topic 3 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval