SAA-C03 · Question #617
SAA-C03 Question #617: Real Exam Question with Answer & Explanation
Sign in or unlock SAA-C03 to reveal the answer and full explanation for question #617. The question stem and answer options stay visible for context.
Question
A company runs an application in a private subnet behind an Application Load Balancer (ALB) in a VPC. The VPC has a NAT gateway and an internet gateway. The application calls the Amazon S3 API to store objects. According to the company's security policy, traffic from the application must not travel across the internet. Which solution will meet these requirements MOST cost- effectively?
Options
- AConfigure an S3 interface endpoint. Create a security group that allows outbound traffic to
- BConfigure an S3 gateway endpoint. Update the VPC route table to use the endpoint.
- CConfigure an S3 bucket policy to allow traffic from the Elastic IP address that is assigned to the
- DCreate a second NAT gateway in the same subnet where the legacy application is deployed.
Unlock SAA-C03 to see the answer
You've previewed enough free SAA-C03 questions. Unlock SAA-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.