A company is configuring three Amazon EC2 instances with each instance in a separate Availability Zone. The EC2 instances will be used as transparent proxies for outbound internet traffic for ports 80 and 443 so the proxies can block traffic to certain internet destinations as required by the company's security policies. A Security Engineer completed the following: Set up the proxy software on the EC2 instances. ✑ Modified the route…

QuestionsCategory: SCS-C01A company is configuring three Amazon EC2 instances with each instance in a separate Availability Zone. The EC2 instances will be used as transparent proxies for outbound internet traffic for ports 80 and 443 so the proxies can block traffic to certain internet destinations as required by the company's security policies. A Security Engineer completed the following: Set up the proxy software on the EC2 instances. ✑ Modified the route…
Admin Staff asked 4 months ago
A company is configuring three Amazon EC2 instances with each instance in a separate Availability Zone. The EC2 instances will be used as transparent proxies for outbound internet traffic for ports 80 and 443 so the proxies can block traffic to certain internet destinations as required by the company's security policies. A
Security Engineer completed the following:
Set up the proxy software on the EC2 instances.
 Image
✑ Modified the route tables on the private subnets to use the proxy EC2 instances as the default route.
✑ Created a security group rule opening inbound port 80 and 443 TCP protocols on the proxy EC2 instance security group.
However, the proxy EC2 instances are not successfully forwarding traffic to the internet.
What should the Security Engineer do to make the proxy EC2 instances route traffic to the internet?

A. Put all the proxy EC2 instances in a cluster placement group.

B. Disable source and destination checks on the proxy EC2 instances.

C. Open all inbound ports on the proxy EC2 instance security group.

D. Change the VPC's DHCP domain-name-servers options set to the IP addresses of proxy EC2 instances.








 

Suggested Answer: B

Community Answer: B

Reference:
https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html


This question is in SCS-C01 AWS Certified Security – Specialty Exam
For getting AWS Certified Security – Specialty Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.
Question Tags:

Recommended

Welcome Back!

Login to your account below

Create New Account!

Fill the forms below to register

Retrieve your password

Please enter your username or email address to reset your password.