🔥 3-day streak
AWS Certified Advanced Networking - Specialty53 / 141
Question 53 of 141
A financial services company runs a multi-tier application in a single VPC. The security team requires that all outbound traffic from application subnets be inspected against a continuously updated list of known malicious IP addresses and that stateful connection tracking be applied so that return traffic is automatically allowed without opening broad ephemeral port ranges. They also need centralized, human-readable logging of allowed and denied flows for compliance audits. Which approach best meets these requirements with the least operational overhead?
Reviewed for accuracy · Report an issueNext question