A company hosts multiple SAP applications on Amazon EC2 instances in a VPC. While monitoring the environment, the company notices that multiple port scans are attempting to connect to SAP portals inside the VPC. These port scans are originating from the same IP address block. The company must deny access to the VPC from all the offending IP addresses for the next 24 hours. Which solution will meet this requirement? A. Modify network ACLs that are associated with all public subnets in the VPC to deny access from the IP address block. B. Add a rule in the security group of the EC2 instances to deny access from the IP address block. C. Create a policy in AWS Identity and Access Management (IAM) to deny access from the IP address block. D. Configure the firewall in the operating system of the EC2 instances to deny access from the IP address block.  Suggested Answer: C Community Answer: A This question is in PAS-C01 AWS Certified: SAP on AWS – Specialty Exam For getting AWS Certified: SAP on AWS – Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer