CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free AWS Certified Solutions Architect Associate SAA-C03 Practice Question

A company is deploying a new application on AWS and wants to ensure that the web servers are publicly available while keeping the database servers private and secure. They are planning to use Amazon EC2 instances for both web and database layers. Which of the following configurations aligns with best practices for network architecture design in an AWS VPC?

  • Deploy all the servers in a private subnet and use a VPN connection for external users to access the web application.

  • Place the web servers in a public subnet that has an Internet Gateway and place the database servers in a private subnet that does not have an Internet Gateway but can accessed through a NAT Gateway for outbound traffic.

  • Place both the web servers and the database servers in the same public subnet, using security groups and network ACLs to restrict traffic to the database servers.

  • Place the web servers in a private subnet with direct internet access through a NAT Gateway and the database servers in a separate private subnet without internet access.

This question's topic:
AWS Certified Solutions Architect Associate SAA-C03 / 
Design High-Performing Architectures
Your Score:
Design High-Performing Architectures
Design Secure Architectures
Design Resilient Architectures
Design Cost-Optimized Architectures