Amazon Web Services SCS-C03 Question Answer
A company’s application team wants to replace an internal application with a new AWS architecture that consists of Amazon EC2 instances, an AWS Lambda function, and an Amazon S3 bucket in a single AWS Region. After an architecture review, the security team mandates that no application network traffic can traverse the public internet at any point. The security team already has an SCP in place for the company’s organization in AWS Organizations to restrict the creation of internet gateways, NAT gateways, and egress-only gateways.
Which combination of steps should the application team take to meet these requirements? (Select THREE.)
Amazon Web Services SCS-C03 Summary
- Vendor: Amazon Web Services
- Product: SCS-C03
- Update on: Jul 2, 2026
- Questions: 231

