🔥 3-day streak
Professional Cloud Security Engineer22 / 152
Question 22 of 152

A retail company exposes a public web application behind a global external Application Load Balancer. The security team must ensure that only traffic originating from the corporate offices' well-known egress IP ranges can reach the application, while all other public traffic is blocked at the network edge before hitting the backends. The list of corporate IP ranges is large and changes periodically as new offices open. Which approach best meets these requirements while minimizing maintenance overhead?

Reviewed for accuracy · Report an issueNext question