Special Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

Amazon Web Services Updated SCS-C01 Exam Questions and Answers by amani

Page: 42 / 43

Amazon Web Services SCS-C01 Exam Overview :

Exam Name: AWS Certified Security - Specialty
Exam Code: SCS-C01 Dumps
Vendor: Amazon Web Services Certification: AWS Certified Specialty
Questions: 589 Q&A's Shared By: amani
Question 168

DDoS attacks that happen at the application layer commonly target web applications with lower volumes of traffic compared to infrastructure attacks. To mitigate these types of attacks, you should probably want to include a WAF (Web Application Firewall) as part of your infrastructure. To inspect all HTTP requests, WAFs sit in-line with your application traffic. Unfortunately, this creates a scenario where WAFs can become a point of failure or bottleneck. To mitigate this problem, you need the ability to run multiple WAFs on demand during traffic spikes. This type of scaling for WAF is done via a "WAF sandwich." Which of the following statements best describes what a "WAF sandwich" is? Choose the correct answer from the options below

Please select:

Options:

A.

The EC2 instance running your WAF software is placed between your private subnets and any NATed connections to the internet.

B.

The EC2 instance running your WAF software is placed between your public subnets and your Internet Gateway.

C.

The EC2 instance running your WAF software is placed between your public subnets and your private subnets.

D.

The EC2 instance running your WAF software is included in an Auto Scaling group and placed in between two Elastic load balancers.

Discussion
Lennie
I passed my exam and achieved wonderful score, I highly recommend it.
Emelia Oct 2, 2024
I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!
Mylo
Excellent dumps with authentic information… I passed my exam with brilliant score.
Dominik Aug 29, 2024
That's amazing! I've been looking for good study material that will help me prepare for my upcoming certification exam. Now, I will try it.
Atlas
What are these Dumps? Would anybody please explain it to me.
Reign Aug 14, 2024
These are exam dumps for a variety of IT certifications. They have a vast collection of updated questions and answers, which are very helpful in preparing for the exams.
Kingsley
Do anyone guide my how these dumps would be helpful for new students like me?
Haris Sep 11, 2024
Absolutely! They are highly recommended for anyone looking to pass their certification exam. The dumps are easy to understand and follow, making it easier for you to study and retain the information.
Carson
Yeah, definitely. I would definitely recommend Cramkey Dumps to anyone who is preparing for an exam.
Rufus Aug 20, 2024
Me too. They're a lifesaver!
Question 169

Your company has defined a set of S3 buckets in IAM. They need to monitor the S3 buckets and know the source IP address and the person who make requests to the S3 bucket. How can this be achieved?

Please select:

Options:

A.

Enable VPC flow logs to know the source IP addresses

B.

Monitor the S3 API calls by using Cloudtrail logging

C.

Monitor the S3 API calls by using Cloudwatch logging

D.

Enable IAM Inspector for the S3 bucket

Discussion
Question 170

Your company has a set of EC2 Instances defined in IAM. They need to ensure that all traffic packets are monitored and inspected for any security threats. How can this be achieved? Choose 2 answers from the options given below

Please select:

Options:

A.

Use a host based intrusion detection system

B.

Use a third party firewall installed on a central EC2 instance

C.

Use VPC Flow logs

D.

Use Network Access control lists logging

Discussion
Question 171

A company is using a Redshift cluster to store their data warehouse. There is a requirement from the Internal IT Security team to ensure that data gets encrypted for the Redshift database. How can this be achieved?

Please select:

Options:

A.

Encrypt the EBS volumes of the underlying EC2 Instances

B.

Use IAM KMS Customer Default master key

C.

Use SSL/TLS for encrypting the data

D.

Use S3 Encryption

Discussion
Page: 42 / 43
Title
Questions
Posted

SCS-C01
PDF

$36.75  $104.99

SCS-C01 Testing Engine

$43.75  $124.99

SCS-C01 PDF + Testing Engine

$57.75  $164.99