A cloud team wants to configure a network security group to block traffic from certain regions that are sending unexpected requests to one instance, while maintaining the ability to receive all other connections. Which method achieves this limitation effectively at the instance boundary?
Activate a route table that sends untrusted connections to a sinkhole
Define an address-based rule set at the boundary that denies requests from selected regions
Rely on host-based firewall scripts to filter inbound traffic
Enable an application load balancer that distributes incoming connections evenly
A boundary-level rule set that denies connections from specific address ranges effectively blocks traffic at the network edge. Using local firewall scripts on the operating system can be less efficient to maintain and may not provide the same centralized filtering advantages. Enabling a load balancer to distribute requests does not address unwanted connections from specific regions. Activating a route table to direct suspicious traffic to a sinkhole does not offer the same focused control for filtering by region.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a network security group?
Open an interactive chat with Bash
How can a boundary-level rule set block traffic from specific regions?
Open an interactive chat with Bash
Why are host-based firewalls less efficient than boundary-level rule sets?
Open an interactive chat with Bash
CompTIA Cloud+ CV0-004
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access