本题库由云计算狂魔微信公众号分享。
【SAA-C03助理级解决方案架构师认证】
A company wants to migrate its on-premises data center to AWS.According to the company's compliance requirements, the company can use only the ap-northeast-3 Region. Company administrators are not permitted to connect VPCs to the internet
Which solutions will meet these requirements?(Select TWO)
A : Use AWS Control Tower to implement data residency guardrails to deny internet access and deny access to all AWS Regions except ap-northeast-3
B : Use rules in AWS WAF to prevent internet access. Deny access to all AWS Regions exceptap- northeast-3 in the AWS account settings.
C : Use AWS Organizations to configure service control policies (SCPs) that prevent VPCs from gaining internet access. Deny access to all AWS Regions except ap-northeast-3.
D : Create an outbound rule for the network ACL in each VPC to deny all traffic from 0.0.0.0/0. Create an IAM policy for each user to prevent the use of any AWS Region other than ap- northeast-3
E : Use AWS Config to activate managed rules to E detect and alert for new resources deployed detect and alert for internet gateways and to outside of ap-northeast-3