A Company Is Planning on Deploying a Newly Built Application

A company is planning on deploying a newly built application on AWS in a default VPC. The application will consist of a web layer and database layer. The web server was created in public subnets, and the MySQL database was created in private subnets. All subnets are created with the default network ACL settings, and the default security group in the VPC will be replaced with new custom security groups. The following are the key requirements: The web servers must be accessible only to users on an SSL connection. The database should be accessible to the web layer, which is created in a public subnet only. All traffic to and from the IP range 182.20.0.0/16 subnet should be blocked. Which combination of steps meets these requirements? (Select two.)

A) Create a database server security group with inbound and outbound rules for MySQL port 3306 traffic to and from anywhere (0 0.0.0/0) .
B) Create a database server security group with an inbound rule for MySQL port 3306 and specify the source as a web server security group.
C) Create a web server security group with an inbound allow rule for HTTPS port 443 traffic from anywhere (0.0.0.0/0) and an inbound deny rule for IP range 182.20.0.0/16.
D) Create a web server security group with an inbound rule for HTTPS port 443 traffic from anywhere (0.0.0.0/0) . Create network ACL inbound and outbound deny rules for IP range 182.20.0.0/16.
E) Create a web server security group with inbound and outbound rules for HTTPS port 443 traffic to and from anywhere (0.0.0.0/0) . Create a network ACL inbound deny rule for IP range 182.20.0.0/16.

Correct Answer:

Verified

Unlock this answer now
Get Access to more Verified Answers free of charge

Access For Free