Question: 1
Which of the following are valid configurations for using SSL certificates with Amazon CloudFront? (Select THREE )
Question: 2
A company has several workloads running on AWS Employees are required to authenticate using on-premises ADFS and SSO to access the AWS Management Console Developers migrated an existing legacy web application to an Amazon EC2 instance Employees need to access this application from anywhere on the internet but currently, mere is no authentication system but into the application.
How should the Security Engineer implement employee-only access to this system without changing the application?
Question: 3
A company has a website with an Amazon CloudFront HTTPS distribution, an Application Load Balancer (ALB) with multiple web instances for dynamic website content, and an Amazon S3 bucket for static website content. The company's security engineer recently updated the website security requirements:
* HTTPS needs to be enforced for all data in transit with specific ciphers.
* The CloudFront distribution needs to be accessible from the internet only.
Which solution will meet these requirements?
Question: 4
A recent security audit found that AVVS CloudTrail logs are insufficiently protected from tampering and unauthorized access Which actions must the Security Engineer take to address these audit findings? (Select THREE )
Question: 5
A Security Administrator is configuring an Amazon S3 bucket and must meet the following security requirements:
* Encryption in transit
* Encryption at rest
* Logging of all object retrievals in AWS CloudTrail
Which of the following meet these security requirements? (Choose three.)