ANS-C01 Network Security, Compliance and Governance • Set 26
ANS-C01 Network Security, Compliance and Governance Practice Test 26 — 15 questions with explanations. Free, no signup.
A company runs a critical application on EC2 instances in a VPC. The application needs to send data to an S3 bucket and an SQS queue, both in the same AWS account. The security team requires that all traffic to these AWS services must stay within the AWS network and not traverse the internet. The VPC has private subnets with no NAT gateway or Internet Gateway. The EC2 instances have an IAM role that grants necessary permissions. The S3 bucket and SQS queue are configured with bucket policies and queue policies that deny all access except from the VPC. However, the application is failing to send data to both S3 and SQS. What should the network engineer do to resolve this issue?