ANS-C01 · Question #286
ANS-C01 Question #286: Real Exam Question with Answer & Explanation
Sign in or unlock ANS-C01 to reveal the answer and full explanation for question #286. The question stem and answer options stay visible for context.
Question
A company uses AWS Network Firewall to protect outgoing traffic for multiple VPCs that are in the same AWS account. Each VPC contains Amazon EC2 instances that host the company's applications. Each EC2 instance is tagged with the name of the application it hosts. The EC2 instances are in Auto Scaling groups. A Network Firewall stateful rule group must remain up-to-date, even when an Auto Scaling group launches and terminates EC2 instances. Which solution will meet this requirement with the LEAST implementation and administrative effort?
Options
- ACreate a network ACL for each application. Reference the network ACL in the stateful rule group.
- BCreate a prefix list for each application. Reference the prefix list in the stateful rule group.
- CCreate an AWS Lambda function that queries the EC2 instance tags for each application name
- DCreate a resource group for each application name. Reference the Amazon Resource Name
Unlock ANS-C01 to see the answer
You've previewed enough free ANS-C01 questions. Unlock ANS-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.