PAS-C01 · Question #134
PAS-C01 Question #134: Real Exam Question with Answer & Explanation
Sign in or unlock PAS-C01 to reveal the answer and full explanation for question #134. The question stem and answer options stay visible for context.
Question
A company hosts multiple SAP applications on Amazon EC2 instances in a VPC. While monitoring the environment, the company notices that multiple port scans are attempting to connect to SAP portals inside the VPC. These port scans are originating from the same IP address block. The company must deny access to the VPC from all the offending IP addresses for the next 24 hours. Which solution will meet this requirement?
Options
- AModify network ACLs that are associated with all public subnets in the VPC to deny access from
- BAdd a rule in the security group of the EC2 instances to deny access from the IP address block.
- CCreate a policy in AWS Identity and Access Management (IAM) to deny access from the IP
- DConfigure the firewall in the operating system of the EC2 instances to deny access from the IP
Unlock PAS-C01 to see the answer
You've previewed enough free PAS-C01 questions. Unlock PAS-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.