SAA-C03 Question #269: Real Exam Question with Answer & Explanation
The correct answer is A: Use AWS Firewall Manager to create a set of rules based on the security requirements. Replicate.
Question
A company manages multiple AWS accounts in an organization in AWS Organizations. The company's applications run on Amazon EC2 instances in multiple AWS Regions. The company needs a solution to simplify the management of security rules across the accounts in its organization. The solution must apply shared security group rules, audit security groups, and detect unused and redundant rules in VPC security groups across all AWS environments. Which solution will meet these requirements with the MOST operational efficiency?
Options
- A. Use AWS Firewall Manager to create a set of rules based on the security requirements. Replicate
- B. Use AWS CloudFormation StackSets to provision VPC security groups based on the
- C. Use AWS CloudFormation StackSets to provision VPC security groups based on the
- D. Use AWS Network Firewall to build policies based on the security requirements. Centrally apply
Explanation
AWS Firewall Manager integrates with AWS Organizations to centrally manage and apply security group policies, AWS WAF rules, and AWS Shield Advanced protections. It automates the propagation of rules across accounts and Regions and can also audit and remediate noncompliant configurations.