Home
Valid Dumps
Microsoft
AI-102 (Designing and Implementing)
AI-900 (AI Fundamentals)
AZ-104 (Administrator)
AZ-140 (Configuring and Operating)
AZ-204 (Developing Solutions)
AZ-305 (Designing Infrastructure Solutions)
AZ-400 (DevOps Solutions)
AZ-500 (Security Technologies)
AZ-700 (Designing and Implementing)
All Microsoft Exams
Amazon
CLF-C01 (Cloud Practitioner)
DBS-C01 (Database - Specialty)
DVA-C01 (Developer Associate)
SCS-C01 (Security - Specialty)
SAA-C02 (Solutions Architect Associate)
SAA-C03 (Solutions Architect Associate)
SAP-C01 (Solutions Architect Professional)
SOA-C02 (Certified SysOps Administrator Associate)
DOP-C01 (DevOps Engineer Professional)
All Amazon Exams
Cisco
200-201 (CBROPS)
200-301 (CCNA)
200-901 (DEVASC)
300-410 (ENARSI)
300-415 (ENSDWI)
300-420 (ENSLD)
300-425 (ENWLSD)
300-430 (ENWLSI)
300-715 (SISE)
350-401 (ENCOR)
350-501 (SPCOR)
350-601 (DCCOR)
350-701 (SCOR)
350-801 (CLCOR)
400-007 (CCDE)
All Cisco Exams
CompTIA
220-1101 (A+ Core 1)
220-1102 (A+ Core 2)
CAS-004 (Advanced Security Practitioner)
CS0-002 (CySA+)
CV0-003 (Cloud+)
FC0-U61 (IT Fundamentals)
N10-008 (Network+)
PK0-004 (Project+)
PT0-002 (PenTest+)
SK0-005 (Server+)
SY0-601 (Security+)
XK0-004 (Linux+)
All CompTIA Exams
Google
Associate Cloud Engineer
Cloud Digital Leader
Professional Cloud Architect
Professional Cloud Security Engineer
Professional Data Engineer
All Google Exams
Huawei
H11-851 (HCNA-VC)
H12-211 (HCIA Routing&Switching)
H12-221 (HCNP-RS-IERN)
H12-224 (HCNP-RS Fast Track)
H12-711 (HCNA-Security-CBSN)
H13-612 (HCNA-Storage-BSSN)
H13-629 (HCIE-Storage)
All Huawei Exams
Python
Python Programming (PCAP)
All Python Exams
Juniper
JN0-104 (JNCIA-Junos)
JN0-251 (JNCIA-MistAI)
All Juniper Exams
Fortinet
NSE4_FGT-7.0 (FortiOS 7.0)
NSE4_FGT-7.2 (FortiOS 7.2)
NSE5_FAZ-7.0 (FortiAnalyzer 7.0)
NSE5_FCT-7.0 (FortiClient EMS 7.0)
NSE5_FMG-7.0 (FortiManager 7.0)
NSE7_EFW-7.0 (Enterprise Firewall 7.0)
NSE7_SDW-7.0 (SD-WAN 7.0 )
NSE8_812 (Written Exam)
All Fortinet Exams
Sign Up
Login
Which of the following minimizes the potential attack surface for applications?
Amazon SCS-C01 Exam
Questions Number:
60
out of
160
Questions
37.50%
Question 60
Which of the following minimizes the potential attack surface for applications?
A. Use security groups to provide stateful firewalls for Amazon EC2 instances at the hypervisor level.
B. Use network ACLs to provide stateful firewalls at the VPC level to prevent access to any specific AWS resource.
C. Use AWS Direct Connect for secure trusted connections between EC2 instances within private subnets.
D. Design network security in a single layer within the perimeter network (also known as DMZ, demilitarized zone, and screened subnet) to facilitate quicker responses to threats.
Show Answer
Log In to Comment
Submit
Previous Questions
Next Questions
Question number:
1
-
160
Direct Access