DBS-C01 · Question #146
DBS-C01 Question #146: Real Exam Question with Answer & Explanation
Sign in or unlock DBS-C01 to reveal the answer and full explanation for question #146. The question stem and answer options stay visible for context.
Question
A company developed a new application that is deployed on Amazon EC2 instances behind an Application Load Balancer. The EC2 instances use the security group named sg-application- servers. The company needs a database to store the data from the application and decides to use an Amazon RDS for MySQL DB instance. The DB instance is deployed in private DB subnet. What is the MOST restrictive configuration for the DB instance security group?
Options
- AOnly allow incoming traffic from the sg-application-servers security group on port 3306.
- BOnly allow incoming traffic from the sg-application-servers security group on port 443.
- COnly allow incoming traffic from the subnet of the application servers on port 3306.
- DOnly allow incoming traffic from the subnet of the application servers on port 443.
Unlock DBS-C01 to see the answer
You've previewed enough free DBS-C01 questions. Unlock DBS-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.