ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 10 - SCS-C01 discussion

Report
Export

A Developer is building a serverless application that uses Amazon API Gateway as the front end. The application will not be publicly accessible. Other legacy applications running on Amazon EC2 will make calls to the application A Security Engineer Has been asked to review the security controls for authentication and authorization of the application Which combination of actions would provide the MOST secure solution? (Select TWO )

A.
Configure an IAM policy that allows the least permissive actions to communicate with the API Gateway Attach the policy to the role used by the legacy EC2 instances
Answers
A.
Configure an IAM policy that allows the least permissive actions to communicate with the API Gateway Attach the policy to the role used by the legacy EC2 instances
B.
Enable AWS WAF for API Gateway Configure rules to explicitly allow connections from the legacy EC2 instances
Answers
B.
Enable AWS WAF for API Gateway Configure rules to explicitly allow connections from the legacy EC2 instances
C.
Create a VPC endpoint for API Gateway Attach an IAM resource policy that allows the role of the legacy EC2 instances to call specific APIs
Answers
C.
Create a VPC endpoint for API Gateway Attach an IAM resource policy that allows the role of the legacy EC2 instances to call specific APIs
D.
Create a usage plan Generate a set of API keys for each application that needs to call the API.
Answers
D.
Create a usage plan Generate a set of API keys for each application that needs to call the API.
E.
Configure cross-origin resource sharing (CORS) in each API Share the CORS information with the applications that call the API.
Answers
E.
Configure cross-origin resource sharing (CORS) in each API Share the CORS information with the applications that call the API.
Suggested answer: A, E
asked 16/09/2024
IOSSIF ZINGUER
46 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first