A company hosts multiple SAP applications on Amazon EC2 instances in a VPC. While monitoring the environment, the company notices that multiple port scans are attempting to connect to SAP portals inside the VPC. These port scans are originating from the same IP address block. The company must deny access to the VPC from all the offending IP addresses for the next 24 hours. Which solution will meet this requirement?

QuestionsCategory: PAS-C01A company hosts multiple SAP applications on Amazon EC2 instances in a VPC. While monitoring the environment, the company notices that multiple port scans are attempting to connect to SAP portals inside the VPC. These port scans are originating from the same IP address block. The company must deny access to the VPC from all the offending IP addresses for the next 24 hours. Which solution will meet this requirement?
Admin Staff asked 3 months ago
A company hosts multiple SAP applications on Amazon EC2 instances in a VPC. While monitoring the environment, the company notices that multiple port scans are attempting to connect to SAP portals inside the VPC. These port scans are originating from the same IP address block. The company must deny access to the VPC from all the offending IP addresses for the next 24 hours.
Which solution will meet this requirement?

A. Modify network ACLs that are associated with all public subnets in the VPC to deny access from the IP address block.

B. Add a rule in the security group of the EC2 instances to deny access from the IP address block.

C. Create a policy in AWS Identity and Access Management (IAM) to deny access from the IP address block.

D. Configure the firewall in the operating system of the EC2 instances to deny access from the IP address block.








 

Suggested Answer: C

Community Answer: A




This question is in PAS-C01 AWS Certified: SAP on AWS – Specialty Exam
For getting AWS Certified: SAP on AWS – Specialty Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.
Question Tags:

Recommended

Welcome Back!

Login to your account below

Create New Account!

Fill the forms below to register

Retrieve your password

Please enter your username or email address to reset your password.