ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified SAP on AWS - Specialty PAS-C01 All Questions

View all questions & answers for the AWS Certified SAP on AWS - Specialty PAS-C01 exam
Go to Exam

Exam AWS Certified SAP on AWS - Specialty PAS-C01 topic 1 question 125 discussion

Exam question from Amazon's AWS Certified SAP on AWS - Specialty PAS-C01
Question #: 125
Topic #: 1
[All AWS Certified SAP on AWS - Specialty PAS-C01 Questions]

A company decides to deploy SAP non-production systems on AWS by using the standard installation model in a single Availability Zone. The company will use Amazon Elastic File System (Amazon EFS) to host SAP file systems such as /sapmnt and /usr/sap/trans.

The company launches the required Amazon EC2 instances to host these systems. However, the company cannot mount the EFS file systems to the respective EC2 instances. An SAP engineer needs to adjust the security groups that are assigned to the EC2 instances and EFS file systems to allow traffic between the EC2 instances and the EFS file systems.

Which combination of steps should the SAP engineer take to meet these requirements? (Choose two.)

  • A. Configure the security groups that are associated with the EFS file systems to allow inbound access for the TCP protocol on the NFS port (TCP 2049) from all EC2 instances where the file systems are mounted.
  • B. Configure the security groups that are associated with the EFS file systems to allow outbound access for the TCP protocol on the NFS port (TCP 2049) from all EC2 instances where the file systems are mounted.
  • C. Configure the security groups that are associated with the EFS file systems to allow outbound access from the security group of the corresponding EC2 instances on the NFS port (TCP 2049).
  • D. Configure the security groups that are associated with the EC2 instances to allow inbound access to the EFS file systems on the NFS port (TCP 2049).
  • E. Configure the security groups that are associated with the EC2 instances to allow outbound access to the EFS file systems on the NFS port (TCP 2049).
Show Suggested Answer Hide Answer
Suggested Answer: AE 🗳️
by odre90 at Dec. 9, 2023, 1:32 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
jelley
1 year, 2 months ago
Selected Answer: AE
A & E are correct
upvoted 2 times
...
acethetest1000
1 year, 5 months ago
Selected Answer: AD
No need for outbound rule: https://docs.aws.amazon.com/efs/latest/ug/accessing-fs-create-security-groups.html
upvoted 1 times
...
geoakes
1 year, 5 months ago
Selected Answer: AE
A & E: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html AND https://docs.aws.amazon.com/efs/latest/ug/accessing-fs-create-security-groups.html Since SGs are stateful, the EC2 instance needs to have outbound ports enabled if not the default. EFS only needs the inbound as the return will automatically be allowed.
upvoted 3 times
...
LocalHero
1 year, 5 months ago
A, E are correct
upvoted 1 times
...
khchan123
1 year, 6 months ago
A and E.
upvoted 1 times
...
odre90
1 year, 6 months ago
Selected Answer: BD
B and D
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel