Which configuration will meet this requirement?

By:
On:
In: SAA-C03
Tagged:
With: 0 Comments
A company’s web application is running on Amazon EC2 instances behind an Application Load Balancer.The company recently changed its policy, which now requires the application to be accessed from one specific country only.

Which configuration will meet this requirement?

Configure the security group for the EC2 instances.

Configure the security group on the Application Load Balancer.

Configure AWS WAF on the Application Load Balancer in a VPC.

Configure the network ACL for the subnet that contains the EC2 instances.

Explanations:

Security groups control access at the instance level, but they do not filter traffic based on geographic location.

Security groups on the Application Load Balancer do not provide geo-restriction capabilities; they filter based on IP.

AWS WAF can be configured to allow or block requests based on geographic location, making it suitable for this requirement.

Network ACLs provide subnet-level access control and do not support filtering based on country or geog

Leave a Reply

Your email address will not be published. Required fields are marked *

twelve + 4 =