ExpertEasy1 markMultiple Choice
AWS SAA-C03 · Question 19 · Domain 1.2: Secure Workloads
A company needs to inspect all outbound traffic from their VPC to the internet. They want to block traffic to known malicious domains and implement stateful packet inspection. Which AWS service should they use?
A company needs to inspect all outbound traffic from their VPC to the internet. They want to block traffic to known malicious domains and implement stateful packet inspection. Which AWS service should they use?
Answer options:
A.
AWS WAF
B.
NAT Gateway
C.
AWS Network Firewall
D.
Security Groups
How to approach this question
Match 'outbound VPC traffic inspection' and 'domain filtering' to Network Firewall.
Full Answer
C.AWS Network Firewall✓ Correct
AWS Network Firewall
AWS Network Firewall is a managed service that makes it easy to deploy essential network protections for all of your Amazon VPCs. It supports stateful inspection and domain name filtering for outbound traffic.
Common mistakes
Choosing WAF, which is only for inbound web traffic.
Practice the full AWS SAA-C03 Practice Exam 5
65 questions · hints · full answers · grading
More questions from this exam
Q01A company needs to grant an external auditor read-only access to specific AWS resources. The audi...EasyQ02An application running on EC2 instances needs to access objects in an S3 bucket. The security tea...MediumQ03A company is designing a VPC for a multi-tier web application. They need to block specific malici...MediumQ04A large enterprise uses AWS Organizations to manage multiple accounts. The security team wants to...HardQ05A company hosts a web application on an Application Load Balancer (ALB). They are experiencing SQ...Medium