makeporngreatagain.pro
yeahporn.top
hd xxx
Uncategorized

Practice Test 1 | AWS Certified Solutions Architect Associate | SAA-C03 | Dumps | Mock Test

55,473

Question 12

A company hosts a popular web application that connects to an Amazon RDS MySQL DB instance running in a default VPC private subnet with NACL settings that was created by AWS as default. The web servers must be accessible only to customers on HTTPS connections, and the database must only be accessible to web servers in a public subnet. Which solution would meet these requirements without impacting other applications? (SELECT TWO)

A. Create a network ACL on the Web Server’s subnets, allow HTTPS port 443 inbound and specify the source as 0.0.0.0/0.

B. Create a Web Server security group that allows HTTPS port 443 inbound traffic from anywhere (0.0.0.0/0) and apply it to the Web Servers.

C. Create a DB Server security group that allows MySQL port 3306 inbound and specify the source as the Web Server security group.

D. Create a network ACL on the DB subnet, allow MySQL port 3306 inbound for Web Servers and deny all outbound traffic.

E. Create a DB Server security group that allows HTTPS port 443 inbound and specify the source as a Web Server security group.

Answer

Explanation:

Correct Answer – B and C

This sort of setup is explained in the AWS documentation.

1) To ensure that traffic can flow into your webserver from anywhere on secure traffic, you need to allow inbound security at 443.

2) And then, you need to ensure that traffic can flow from the webserver to the database server via the database security group.

The below snapshots from the AWS Documentation show rule tables for security groups related to the same requirements as in the question.

  • Options A and D are invalid answers.
  • Network ACLs are stateless. So we need to set rules for both inbound and outbound traffic for Network ACLs.
  • Option E is also invalid because, in order to communicate with the MySQL servers, we need to allow traffic to flow through port 3306.
  • Note: The above correct options are the combination of steps required to secure your web and database servers. Besides, the company may implement additional security measures from their end.
admin
You might also like More from author

Comments are closed, but trackbacks and pingbacks are open.

baseofporn.com https://www.opoptube.com
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.