🔥 3-day streak
AWS Certified Advanced Networking - Specialty49 / 141
Question 49 of 141
A financial services company runs application servers in private subnets across three Availability Zones in a single VPC. Compliance requires that all outbound HTTPS traffic to the internet be restricted so that only a specific approved list of external SaaS domains (e.g., api.partner-a.com, api.partner-b.com) can be reached, and all other outbound connections must be dropped and logged. The team already uses a centralized egress design with a NAT gateway. Which solution meets the requirement with the least operational overhead?
Reviewed for accuracy · Report an issueNext question