New Release: Earn Rewards by referring new users! You can earn rewards redeemable for discounts on Vouchers and Memberships!

Free AWS Certified Solutions Architect Associate SAA-C03 Practice Question

Your company is deploying a web application on AWS. The application requires a web server in a public subnet to be accessible from the internet and a database server that should only be accessible from the web server. Which of the following strategies provides appropriate network segmentation for the database server?

  • Implement a network ACL for the VPC that allows traffic from the web server to the database on the required port and denies all other inbound traffic.

  • Place the database server in a public subnet and restrict access by only allowing traffic on the database port from the web server's Elastic IP address.

  • Place the database server in a private subnet with a security group that only allows traffic from the web server's security group.

  • Deploy the database server in the same public subnet as the web server to ensure connectivity.

This question's topic:
AWS Certified Solutions Architect Associate SAA-C03 / 
Design Secure Architectures
Your Score:

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Pass using Crucial? Post on Social Media and get a $15 Account Credit! Rules apply. Hide these