Could you possibly help me with the problem below? I don't quite understand it...
Your company decides to use Amazon S3 to augment its on-premises data store. Instead of using the company's highly controlled, on-premises Internet gateway, a Direct Connect connection is ordered to provide high bandwidth, low latency access to S3. Since the company does not own a publicly routable IPv4 address block, a request was made to AWS for an AWS-owned address for a Public Virtual Interface (VIF). The security team is calling this new connection a backdoor, and you have been asked to clarify the risk to the company. Which concern from the security team is valid and should be addressed?
A. AWS advertises its aggregate routes to the Internet allowing anyone on the Internet to reach the router.
B. Direct Connect customers with a Public VIF in the same region could directly reach the router.
C. EC2 instances in the same region with access to the Internet could directly reach the router.
D. The S3 service could reach the router through a pre-configured VPC Endpoint.
Answer 1
Hello.
The question is asking about the backdoor security risk that can arise when using a Direct Connect Public VIF.
If you refer to the routing policies at the link below, AWS does not re-advertise customer prefixes to other customers.
https://docs.aws.amazon.com/ko_kr/directconnect/latest/UserGuide/routing-and-bgp.html
However, because a public VIF makes it possible to route to public services such as EC2 public IPs or NAT gateways, this public routing can become a backdoor.
Therefore the answer is C.
Hello, thank you for the answer.
Do you mean that on-premises - DX - Public VIF - EC2 (public IP) or NAT GW and so on would become reachable?
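A worked illustration of the point made in the answer above, added here as an example and not part of the original thread. It models which AWS destinations the on-premises network can reach once the routes learned over the Public VIF are accepted unfiltered (EC2 public IPs and NAT gateways included, which is the "backdoor"), and the usual mitigation: accept only the S3 prefixes for the region. It assumes the shape of AWS's published ip-ranges.json (ip_prefix / region / service fields); the sample document below is constructed from documentation ranges, not real AWS allocations; treating every prefix tagged AMAZON for the region as what AWS advertises over the VIF is a modeling simplification; and the IOS-style prefix-list output is illustrative.

```python
import ipaddress
import json

# Constructed excerpt in the shape of https://ip-ranges.amazonaws.com/ip-ranges.json.
# The prefixes are RFC 5737 documentation ranges, not real AWS allocations.
# As in the real file, service-specific prefixes also appear under "AMAZON".
SAMPLE_IP_RANGES = json.dumps({
    "syncToken": "0",
    "createDate": "2024-01-01-00-00-00",
    "prefixes": [
        {"ip_prefix": "192.0.2.0/24", "region": "ap-northeast-2",
         "service": "S3", "network_border_group": "ap-northeast-2"},
        {"ip_prefix": "192.0.2.0/24", "region": "ap-northeast-2",
         "service": "AMAZON", "network_border_group": "ap-northeast-2"},
        {"ip_prefix": "198.51.100.0/24", "region": "ap-northeast-2",
         "service": "EC2", "network_border_group": "ap-northeast-2"},
        {"ip_prefix": "198.51.100.0/24", "region": "ap-northeast-2",
         "service": "AMAZON", "network_border_group": "ap-northeast-2"},
        {"ip_prefix": "203.0.113.0/24", "region": "us-east-1",
         "service": "S3", "network_border_group": "us-east-1"},
    ],
})


def service_prefixes(ip_ranges_json, region, service):
    """Return the IPv4 prefixes published for `service` in `region`."""
    data = json.loads(ip_ranges_json)
    return {
        ipaddress.ip_network(p["ip_prefix"])
        for p in data["prefixes"]
        if p["region"] == region and p["service"] == service
    }


def reachable_over_public_vif(ip_ranges_json, region, accept_list=None):
    """Model which AWS destinations on-prem can route to via the Public VIF.

    Modeling assumption: AWS advertises every prefix tagged AMAZON for the
    region. With no inbound route filter, all of it is reachable from
    on-prem, EC2 public IPs and NAT gateways included. With an accept_list
    (e.g. only the S3 prefixes) everything else is dropped at the edge.
    """
    advertised = service_prefixes(ip_ranges_json, region, "AMAZON")
    if accept_list is None:
        return advertised
    return {p for p in advertised if p in accept_list}


def services_for(ip_ranges_json, region, prefix):
    """Which services a prefix is published under, to explain a route."""
    data = json.loads(ip_ranges_json)
    return sorted(
        p["service"] for p in data["prefixes"]
        if p["region"] == region
        and ipaddress.ip_network(p["ip_prefix"]) == prefix
        and p["service"] != "AMAZON"
    )


def is_reachable(dest_ip, accepted):
    """True if dest_ip falls inside one of the accepted prefixes."""
    addr = ipaddress.ip_address(dest_ip)
    return any(addr in p for p in accepted)


def ios_prefix_list(name, prefixes):
    """Render the accept list as an IOS-style 'ip prefix-list' (illustrative)."""
    return [
        f"ip prefix-list {name} seq {seq} permit {p}"
        for seq, p in enumerate(sorted(prefixes), start=10)
    ]


if __name__ == "__main__":
    region = "ap-northeast-2"
    unfiltered = reachable_over_public_vif(SAMPLE_IP_RANGES, region)
    for p in sorted(unfiltered):
        print(f"unfiltered: {p} reachable, services={services_for(SAMPLE_IP_RANGES, region, p)}")
    s3_only = reachable_over_public_vif(
        SAMPLE_IP_RANGES, region, service_prefixes(SAMPLE_IP_RANGES, region, "S3"))
    print("EC2 host 198.51.100.10 reachable after filter:",
          is_reachable("198.51.100.10", s3_only))
    for line in ios_prefix_list("DX-S3-ONLY", s3_only):
        print(line)
```

The filter addresses only the on-premises to AWS direction shown in the thread; the routes the on-premises side advertises over the VIF are still what other AWS-side sources would use to reach it, so the prefix advertised out should be kept to the hosts that actually need S3, and the on-premises firewall should treat the VIF like any other Internet-facing interface.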