SAA-C03 · Question #820
SAA-C03 Question #820: Real Exam Question with Answer & Explanation
The correct answer is C: Create a VPC that has an internet gateway, public subnets, and private subnets. Deploy an. Deploying ECS tasks in public subnets with awsvpc network mode allows each task to have its own elastic network interface and direct internet access for outbound connections. Placing an Application Load Balancer in the public subnets provides a single entry point for users, minim
Question
A company is creating a payment processing application that supports TLS connections from IPv4 clients. The application requires outbound access to the public internet. The application must allow users to access the application from a single entry point while maintaining the lowest possible attack surface. The company wants to use Amazon Elastic Container Service (Amazon ECS) tasks to deploy the application. The company wants to enable awsvpc network mode. Which solution will meet these requirements?
Options
- ACreate a VPC that has an internet gateway, public subnets, and private subnets. Deploy a
- BCreate a VPC that has an outbound-only internet gateway, public subnets, and private subnets.
- CCreate a VPC that has an internet gateway, public subnets, and private subnets. Deploy an
- DCreate a VPC that has an outbound-only internet gateway, public subnets, and private subnets.
Explanation
Deploying ECS tasks in public subnets with awsvpc network mode allows each task to have its own elastic network interface and direct internet access for outbound connections. Placing an Application Load Balancer in the public subnets provides a single entry point for users, minimizing the attack surface while supporting TLS connections.
Community Discussion
No community discussion yet for this question.