Domain 1.2: Security Controls — AWS SAP-C02 Practice Question 08

How to approach this question

Identify the service for Layer 7 protection (WAF) and the method for internal network isolation (Security Groups).

Full Answer

B.Attach AWS WAF to the ALB. Configure ECS security groups to only allow ingress from the ALB security group.✓ Correct

Attach AWS WAF to the ALB. Configure ECS security groups to only allow ingress from the ALB security group.

AWS WAF on the ALB protects against SQLi and blocks IPs. Security group referencing (allowing the ALB SG ID in the ECS SG) secures the internal traffic.

Common mistakes

Trying to attach WAF directly to ECS.

How to approach this question

Full Answer

Common mistakes

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 6

More questions from this exam