🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional76 / 124
Question 76 of 124

A cloud architect is designing network controls for a three-tier web application hosted in IaaS. The web tier must accept HTTPS from the internet, the application tier should only receive traffic from the web tier, and the database tier should only be reachable from the application tier. The security team also insists on inspecting inbound HTTP payloads for SQL injection and cross-site scripting attempts. Which combination of controls BEST satisfies these requirements?

Reviewed for accuracy · Report an issueNext question