A user has created a VPC with the public and private subnets using the VPC wizard. The VPC has CIDR
20.0.0.0/16. The public subnet uses CIDR 20.0.1.0/24. The user is planning to host a web server in the public
subnet (port 80. and a DB server in the private subnet (port 3306). The user is configuring a security group for
the public subnet (WebSecGrp) and the private subnet (DBSecGrp). Which of the below mentioned entries is
required in the web server security group (WebSecGrp)?

A.
Configure Destination as DB Security group ID (DbSecGrp. for port 3306 Outbound

B.
80 for Destination 0.0.0.0/0 Outbound

C.
Configure port 3306 for source 20.0.0.0/24 InBound

D.
Configure port 80 InBound for source 20.0.0.0/16

Explanation:
A user can create a subnet with VPC and launch instances inside that subnet. If the user has created a public
private subnet to host the web server and DB server respectively, the user should configure that the instances
in the public subnet can receive inbound traffic directly from the internet. Thus, the user should configure port80 with source 0.0.0.0/0 in InBound. The user should configure that the instance in the public subnet can send
traffic to the private subnet instances on the DB port. Thus, the user should configure the DB security group of
the private subnet (DbSecGrp) as the destination for port 3306 in Outbound.