Spring Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

A company is running a containerized application on an Amazon Elastic Container Service (Amazon ECS)...

Amazon Web Services SCS-C03 Full Course Access
Amazon Web Services SCS-C03 View All Questions

A company is running a containerized application on an Amazon Elastic Container Service (Amazon ECS) cluster that uses AWS Fargate. The application runs as several ECS services.

The ECS services are in individual target groups for an internet-facing Application Load Balancer (ALB). The ALB is the origin for an Amazon CloudFront distribution. An AWS WAF web ACL is associated with the CloudFront distribution.

Web clients access the ECS services through the CloudFront distribution. The company learns that the web clients can bypass the web ACL and can access the ALB directly.

Which solution will prevent the web clients from directly accessing the ALB?

A.

Create an AWS PrivateLink endpoint and set it as the CloudFront origin.

B.

Create a new internal ALB and delete the internet-facing ALB.

C.

Modify the ALB listener rules to allow only CloudFront IP ranges.

D.

Add a custom X-Shared-Secret header in CloudFront and configure the ALB listener rules to allow requests only when the header value matches.

SCS-C03 PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now SCS-C03 pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"
Next
A company is implementing new compliance requirements to meet customer needs.
AWS Config cannot deliver configuration snapshots to Amazon S3.
Previous