A user has created a VPC with the public and private subnets using the VPC wizard. The VPC has CIDR
20.0.0.0/16. The public subnet uses CIDR 20.0.1.0/24. The user is planning to host a web server in the public
subnet (port 80. and a DB server in the private subnet (port 3306.. The user is configuring a security group for
the public subnet (WebSecGrp. and the private subnet (DBSecGrp.. Which of the below mentioned entries is
required in the web server security group (WebSecGrp.?
A.
Configure Destination as DB Security group ID (DbSecGrp. for port 3306 Outbound
B.
80 for Destination 0.0.0.0/0 Outbound
C.
Configure port 3306 for source 20.0.0.0/24 InBound
D.
Configure port 80 InBound for source 20.0.0.0/16
Explanation:
A user can create a subnet with VPC and launch instances inside that subnet. If the user has created a public
private subnet to host the web server and DB server respectively, the user should configure that the instances
in the public subnet can receive inbound traffic directly from the internet. Thus, the user should configure port
80 with source 0.0.0.0/0 in InBound. The user should configure that the instance in the public subnet can send
traffic to the private subnet instances on the DB port. Thus, the user should configure the DB security group of
the private subnet (DbSecGrp. as the destination for port 3306 in Outbound.
A
2
0
I think must be C,
About A: default, outbout traffic is opened to all. And in order instances from public subnet can access to DB inside private subnet, DB must allow inbout 3306 with source is public subnet.
0
0
a
0
0
D is correct.
A e B – Not not need to specify Outbound in Security Groups.
C – Port 3306 is used for mySQL , not for WEB Http
0
0
Sorry…we have not correct answer here. I believe that correct question is:
A user has created a VPC with the public and private subnets using the VPC wizard. The VPC has CIDR 20.0.0.0/16. The public subnet uses CIDR 20.0.1.0/24. The user is planning to host a web server in the public subnet (port 80) and a DB server in the private subnet (port 3306). The user is configuring a security group for the public subnet (WebSecGrp) and the private subnet (DBSecGrp). Which of the below mentioned entries is required in the web server security group (WebSecGrp)?
a) Configure Destination as DB Security group ID (DbSecGrp) for port 3306 Outbound
b) 80 for Destination 0.0.0.0/0 INBOUNT
c) Configure port 3306 for source 20.0.0.0/24 InBound
d) Configure port 80 InBound for source 20.0.0.0/16
In this case, the correct is B
0
0
Makes sense a/c to the question!
0
0
Answer is A according pass4sure.
Explanation:
A user can create a subnet with VPC and launch instances inside that subnet. If the user has created a public private subnet to host the web server and DB server respectively, the user should configure that the instances in the public subnet can receive inbound traffic directly from the internet. Thus, the user should configure port 80 with source 0.0.0.0/0 in InBound. The user should configure that the instance in the public subnet can send traffic to the private subnet instances on the DB port. Thus, the user should configure the DB security group of the private subnet (DbSecGrp) as the destination for port 3306 in Outbound.
0
0
Answer is B.
The question is “Which of the below mentioned entries is required in the web server security group (WebSecGrp)?”. It’s obvious that the the answer should focus on the WebSecGrp.
A and C is to configure the DBSecGrp which is incorrect
D is incorrect as it will limit the access to Port 80 from this CIRDR block of 20.0.0.0/16 ONLY.
Now, remember that Security Group is Statefull.
The correct answer is B.
If you change the Outbound Traffic of Port 80 Destination 0.0.0.0/0. It will also allow Inbound traffic to comes back in.
0
0
A does not configure DBSecGrp . DBSecGrp is the destination.
B inbound ,not outbound. so b is wrong.
0
0
A does not configure DBSecGrp . DBSecGrp is the destination.
B inbound ,not outbound. so b is wrong. 80 for Destination 0.0.0.0/0 INBOUNT
0
0
Ans is A
0
0
None of the answers are correct …
0
0
A
0
0
A
0
0