A Security Engineer must add additional protection to a legacy web application by adding the following HTTP security headers: -Content Security-Policy -X-Frame-Options -X-XSS-Protection The Engineer does not have access to the source code of the legacy web application. Which of the following approaches would meet this requirement? A. Configure an Amazon Route 53 routing policy to send all web traffic that does not include the required headers to a black hole. B. Implement an AWS Lambda@Edge origin response function that inserts the required headers. C. Migrate the legacy application to an Amazon S3 static website and front it with an Amazon CloudFront distribution. D. Construct an AWS WAF rule to replace existing HTTP headers with the required security headers by using regular expressions.  Suggested Answer: B Community Answer: B This question is in SCS-C01 AWS Certified Security – Specialty Exam For getting AWS Certified Security – Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer