Practice Test 4 | AWS Certified Solutions Architect Associate | SAA-C03 | Dumps | Mock Test

Question 11

You plan on hosting a web application consisting of a web server and a database server. These servers are going to be hosted on different EC2 Instances in different subnets in a VPC. Which of the following can be used to ensure that the database server only allows traffic from the web server?

A. Make use of Security Groups.

B. Make use of VPC Flow Logs.

C. Make use of Network Access Control Lists.

D. Make use of IAM Roles.

Answer

Explanation:

Answer – A

Security groups can be used to control traffic into an EC2 Instance.

For more information on this use case scenario, please visit the following URL:

https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html

Note:

NACL is used when you want deny the access for Particular IP address or the CIDR block(Set of IP address).

So, The simple funda here is that if the requirement allows the traffic, then you can go with the Security Group.
if the requirement mentioned like denies (Not allow) the traffic, then you can go with the NACL.

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65

SAA-C03

Practice Test 4 | AWS Certified Solutions Architect Associate | SAA-C03 | Dumps | Mock Test

Question 11

Answer

Explanation:

Ads Blocker Detected!!!