ExpertMedium1 markMultiple Choice
AWS SAP-C02 · Question 33 · Domain 2.3: Security Controls
A company wants to implement a Zero Trust architecture for their internal web applications hosted on EC2. Users should authenticate via the corporate Identity Provider (IdP) before accessing the applications, without using a VPN. Which AWS service provides this capability?
A company wants to implement a Zero Trust architecture for their internal web applications hosted on EC2. Users should authenticate via the corporate Identity Provider (IdP) before accessing the applications, without using a VPN. Which AWS service provides this capability?
Answer options:
A.
AWS Client VPN
B.
AWS Verified Access
C.
AWS Direct Connect
D.
Amazon API Gateway
How to approach this question
Look for the AWS service designed specifically for VPN-less Zero Trust access.
Full Answer
B.AWS Verified Access✓ Correct
AWS Verified Access provides secure, VPN-less access to corporate applications. It verifies every access request in real-time based on identity and device posture.
Common mistakes
Choosing Client VPN when the prompt forbids it.
Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 6
75 questions · hints · full answers · grading
More questions from this exam
Q01A global enterprise requires highly available hybrid connectivity between its on-premises data ce...HardQ02An organization has 50 VPCs across two AWS Regions connected via Transit Gateways (TGW). The TGWs...HardQ03A company uses AWS Organizations. The network team wants to share a central Transit Gateway (TGW)...MediumQ04An enterprise has on-premises data centers in the US and Europe. They want to use the AWS global ...HardQ05A company requires that all API calls to Amazon S3 from their VPC must not traverse the public in...Medium