SCS-C02 · Question #272
SCS-C02 Question #272: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #272. The question stem and answer options stay visible for context.
Question
A Developer is building a serverless application that uses Amazon API Gateway as the front end. The application will not be publicly accessible. Other legacy applications running on Amazon EC2 will make calls to the application. A Security Engineer Has been asked to review the security controls for authentication and authorization of the application. Which combination of actions would provide the MOST secure solution? (Select TWO )
Options
- AConfigure an IAM policy that allows the least permissive actions to communicate with the API
- BEnable AWS WAF for API Gateway Configure rules to explicitly allow connections from the legacy
- CCreate a VPC endpoint for API Gateway Attach an IAM resource policy that allows the role of the
- DCreate a usage plan Generate a set of API keys for each application that needs to call the API.
- EConfigure cross-origin resource sharing (CORS) in each API Share the CORS information with
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.