SCS-C02 · Question #206
SCS-C02 Question #206: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #206. The question stem and answer options stay visible for context.
Question
A company is using an Amazon CloudFront distribution to deliver content from two origins. One origin is a dynamic application that is hosted on Amazon EC2 instances. The other origin is an Amazon S3 bucket for static assets. A security analysis shows that HTTPS responses from the application do not comply with a security requirement to provide an X-Frame-Options HTTP header to prevent frame-related cross-site scripting attacks. A security engineer must ipake the full stack compliant by adding the missing HTTP header to the responses. Which solution will meet these requirements?
Options
- ACreate a Lambda@Edge function. Include code to add the X-Frame-Options header to the
- BCreate a Lambda@Edge function. Include code to add the X-Frame-Options header to the
- CUpdate the CloudFront distribution by adding X-Frame-Options to custom headers in the origin
- DCustomize the EC2 hosted application to add the X-Frame-Options header to the responses that
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.