{"id":80,"date":"2021-01-04T08:09:21","date_gmt":"2021-01-04T08:09:21","guid":{"rendered":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question073\/"},"modified":"2021-01-04T08:09:21","modified_gmt":"2021-01-04T08:09:21","slug":"aws-certified-security-specialty-scs-c01-question073","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question073\/","title":{"rendered":"AWS Certified Security &#8211; Specialty SCS-C01 &#8211; Question073"},"content":{"rendered":"<div class=\"question\">A Security Engineer discovers that developers have been adding rules to security groups that allow SSH and RDP traffic from 0.0.0.0\/0 instead of the organization firewall IP. What is the most efficient way to remediate the risk of this activity? <br \/><strong><br \/>A.<\/strong> Delete the internet gateway associated with the VPC. <br \/><strong>B.<\/strong> Use network access control lists to block source IP addresses matching 0.0.0.0\/0. <br \/><strong>C.<\/strong> Use a host-based firewall to prevent access from all but the organization\u2019s firewall IP. <br \/><strong>D.<\/strong> Use AWS Config rules to detect 0.0.0.0\/0 and invoke an AWS Lambda function to update the security group with the organization&#039;s firewall IP.<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>B<\/strong><\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>A Security Engineer discovers that developers have been adding rules to security groups that allow SSH and RDP traffic from 0.0.0.0\/0 instead of the organization firewall IP. What is the most efficient way to remediate the risk of this activity? A. Delete the internet gateway associated with the VPC. B. Use network access control lists [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,76],"class_list":["post-80","post","type-post","status-publish","format-standard","hentry","category-aws-certified-security-specialty-scs-c01","tag-aws-certified-security-specialty-scs-c01","tag-question-073"],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/posts\/80","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/comments?post=80"}],"version-history":[{"count":0,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/posts\/80\/revisions"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/media?parent=80"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/categories?post=80"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/tags?post=80"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}