
Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 624 discussion

A company is designing an application to run in a VPC on AWS. The application consists of Amazon EC2 instances that run in private subnets as part of an Auto Scaling group. The application also includes a Network Load Balancer that extends across public subnets. The application stores data in an Amazon RDS DB instance. The company has attached a security group that is named `web-servers` to the EC2 instances. The company has attached a security group that is named `database` to the DB instance.
How should a solutions architect configure the communication between the EC2 instances and the DB instance?

  • A. Configure the "web-servers" security group to allow access to the DB instance's current IP addresses. Configure the "database" security group to allow access from the current set of IP addresses in use by the EC2 instances.
  • B. Configure the "web-servers" security group to allow access to the "database" security group. Configure the "database" security group to allow access from the "web-servers" security group.
  • C. Configure the "web-servers" security group to allow access to the DB instance's current IP addresses. Configure the "database" security group to allow access from the Auto Scaling group.
  • D. Configure the "web-servers" security group to allow access to the "database" security group. Configure the "database" security group to allow access from the Auto Scaling group.
Suggested Answer: C

Comments

rodriiviru
2 years, 8 months ago
Selected Answer: B
The rules of a security group control the inbound traffic that's allowed to reach the resources that are associated with the security group. The rules also control the outbound traffic that's allowed to leave them. You can grant access to a specific CIDR range, or to another security group in your VPC or in a peer VPC (requires a VPC peering connection). https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html#working-with-security-group-rules
upvoted 1 times
...
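As an added example (not part of the thread and not AWS code), this small Python model of the rule matching described in the comment above compares rules pinned to current IP addresses with rules that reference the peer security group, before and after the Auto Scaling group replaces an instance. The IP addresses, the `sg-` identifiers and port 3306 are constructed assumptions; the question names no database engine.

```python
import ipaddress
from dataclasses import dataclass

DB_PORT = 3306  # assumption: MySQL port; the question names no engine

@dataclass(frozen=True)
class Rule:
    port: int
    peer: str  # either a CIDR ("10.0.1.15/32") or a security group id ("sg-...")

@dataclass(frozen=True)
class Eni:
    ip: str
    groups: frozenset  # ids of the security groups attached to this interface

def matches(rule, peer, port):
    """A rule matches by group membership (sg- reference) or by address (CIDR)."""
    if rule.port != port:
        return False
    if rule.peer.startswith("sg-"):
        return rule.peer in peer.groups
    return ipaddress.ip_address(peer.ip) in ipaddress.ip_network(rule.peer)

def can_connect(src, dst, port, egress, ingress):
    """Allow-list model: source egress and destination ingress must both match."""
    out_ok = any(matches(r, dst, port) for g in src.groups for r in egress.get(g, []))
    in_ok = any(matches(r, src, port) for g in dst.groups for r in ingress.get(g, []))
    return out_ok and in_ok

def scenario(ingress_peer, egress_peer):
    """Return (before, after): reachability of the DB from the original
    instance and from the replacement launched by Auto Scaling."""
    db = Eni("10.0.2.50", frozenset({"sg-database"}))         # constructed
    old_web = Eni("10.0.1.15", frozenset({"sg-web-servers"}))  # constructed
    new_web = Eni("10.0.1.87", frozenset({"sg-web-servers"}))  # new private IP
    egress = {"sg-web-servers": [Rule(DB_PORT, egress_peer)]}
    ingress = {"sg-database": [Rule(DB_PORT, ingress_peer)]}
    return (can_connect(old_web, db, DB_PORT, egress, ingress),
            can_connect(new_web, db, DB_PORT, egress, ingress))

# Rules pinned to the addresses in use when the rules were written
ip_pinned = scenario(ingress_peer="10.0.1.15/32", egress_peer="10.0.2.50/32")
# Rules that reference the peer security group instead of addresses
sg_referenced = scenario(ingress_peer="sg-web-servers", egress_peer="sg-database")

if __name__ == "__main__":
    print("IP-pinned rules     (before, after scale event):", ip_pinned)
    print("SG-referenced rules (before, after scale event):", sg_referenced)
```

The model covers only the initiating direction; security groups are stateful, so return traffic for an allowed connection needs no separate rule.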
jw1806
2 years, 8 months ago
Selected Answer: B
Not very sure, B sounds right. I think these are new questions and not many discussions.
upvoted 1 times
...
guptatrng
2 years, 9 months ago
I think it's B..
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other