ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 332 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 332
Topic #: 1
[All AWS Certified Security - Specialty Questions]

A Network Load Balancer (NLB) target instance is not entering the InService state. A security engineer determines that health checks are failing.

Which factors could cause the health check failures? (Choose three.)

  • A. The target instance’s security group does not allow traffic from the NLB.
  • B. The target instance’s security group is not attached to the NLB.
  • C. The NLB’s security group is not attached to the target instance.
  • D. The target instance’s subnet network ACL does not allow traffic from the NLB.
  • E. The target instance’s security group is not using IP addresses to allow traffic from the NLB.
  • F. The target network ACL is not attached to the NLB.
Show Suggested Answer Hide Answer
Suggested Answer: ADE 🗳️
by luisfsm_111 at Nov. 18, 2022, 2:59 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
luisfsm_111
Highly Voted 2 years, 5 months ago
Selected Answer: ADE
Based on the following links, I think it's A-D-E: https://docs.aws.amazon.com/elasticloadbalancing/latest/network/target-group-register-targets.html#target-security-groups https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-troubleshooting.html
upvoted 5 times
landsamboni
2 years, 5 months ago
Network Load Balancers do not have associated security groups. Therefore, the security groups for your targets must use IP addresses to allow traffic. You can't use the security groups for the clients as a source in the security groups for the targets. Therefore, the security groups for your targets must use the IP addresses of the clients to allow traffic.
upvoted 4 times
...
...
Toptip
Most Recent 1 year, 11 months ago
Selected Answer: ADE
A,D,E another easy question..
upvoted 1 times
...
Artaggedon
2 years, 2 months ago
Selected Answer: ADE
Answer F seems to have changed because it now talks about NACL, but stills makes no sense since it talks about target's NACL, which is ment to be used by the EC2 instances, not for the NLB. Therefore, ADE is still the correct answer.
upvoted 1 times
...
sakibmas
2 years, 4 months ago
Selected Answer: ADE
ALB has Security Group. NLB does not have Security Group. Thus, B,C & F is incorrect
upvoted 2 times
...
Un1c0rn
2 years, 5 months ago
Selected Answer: ADE
F-Incorrect: You cannot attach security groups to NLB. ADE- CORRECT
upvoted 3 times
...
Balki
2 years, 5 months ago
Selected Answer: ADE
https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-troubleshooting.html
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago