Security Specialty (Page 41)

A company has two VPCs in the us-east-1 Region: vpc-1 and vpe-2.The company recently created an Amazon API Gateway REST API with the endpoint type set to PRIVATE.The company also created a VPC endpoint for the REST API in vpc-1.Resources in vpc-1 can access the REST API successfully.The company now wants to give resources in vpc-2 the ability to access the REST API.The company creates a VPC endpoint for the REST API in vpc-2, but the resources in vpc-2 cannot access the REST API.A security engineer must make the REST API accessible to resources in vpc-2 by creating a solution that provides the minimum access that is necessary.Which solution will meet these requirements?Read More →

A company uses Amazon API Gateway to present REST APIs to users.An API developer wants to analyze API access patterns without the need to parse the log files.Which combination of steps will meet these requirements with the LEAST effort? (Choose two.)Read More →

A company does not allow the permanent installation of SSH keys onto an Amazon Linux 2 EC2 instance.However, three employees who have IAM user accounts require access to the EC2 instance.The employees must use an SSH session to perform critical duties.How can a security engineer provide the appropriate access to the EC2 instance to meet these requirements?Read More →