Multiple Choice
A Development team has built an experimental environment to test a simple static web application. It has built an isolated VPC with a private and a public subnet. The public subnet holds only an Application Load Balancer, a NAT gateway, and an internet gateway. The private subnet holds all of the Amazon EC2 instances. There are 3 different types of servers. Each server type has its own Security Group that limits access to only required connectivity. The Security Groups have both inbound and outbound rules applied. Each subnet has both inbound and outbound network ACLs applied to limit access to only required connectivity. Which of the following should the team check if a server cannot establish an outbound connection to the internet? (Choose three.)
A) The route tables and the outbound rules on the appropriate private subnet security group.
B) The outbound network ACL rules on the private subnet and the inbound network ACL rules on the public subnet.
C) The outbound network ACL rules on the private subnet and both the inbound and outbound rules on the public subnet.
D) The rules on any host-based firewall that may be applied on the Amazon EC2 instances.
E) The Security Group applied to the Application Load Balancer and NAT gateway.
F) That the 0.0.0.0/0 route in the private subnet route table points to the Internet gateway in the public subnet.
Correct Answer:
Verified
Correct Answer:
Verified
Q206: A company plans to use custom AMIs
Q207: A company wants to control access to
Q208: A company had one of its Amazon
Q209: A Security Engineer must design a solution
Q210: The AWS Systems Manager Parameter Store is
Q212: An application has been written that publishes
Q213: A company is using AWS Organizations to
Q214: A company has complex connectivity rules governing
Q215: An Amazon S3 bucket is encrypted using
Q216: A company's security information events management (SIEM)