ANS-C01 Network Security, Compliance and Governance • Set 28
ANS-C01 Network Security, Compliance and Governance Practice Test 28 — 15 questions with explanations. Free, no signup.
A company has a VPC with public and private subnets. They have a web application running on EC2 instances in an Auto Scaling group in the public subnets. The application needs to read and write data to an S3 bucket. They want to ensure that traffic to S3 does not traverse the internet. The security team also requires that all traffic to S3 be logged. The current setup uses a NAT Gateway for outbound internet access. However, the NAT Gateway is a single point of failure and costs are high. They want to replace it with a more cost-effective and highly available solution that meets the logging requirement. What should they do?