SCS-C02 · Question #352
SCS-C02 Question #352: Real Exam Question with Answer & Explanation
The correct answer is B: Place the EC2 Instance with the Oracle database in a separate private subnet. The best secure option is to place the database in a private subnet. The below diagram from the AWS Documentation shows this setup. Also ensure that access is not allowed from all sources but just from the web servers. Option A is invalid because databases should not be placed in
Question
You are planning on hosting a web application on AWS. You create an EC2 Instance in a public subnet. This instance needs to connect to an EC2 Instance that will host an Oracle database. Which of the following steps should be followed to ensure a secure setup is in place? Select 2 answers.
Options
- APlace the EC2 Instance with the Oracle database in the same public subnet as the Web server for
- BPlace the EC2 Instance with the Oracle database in a separate private subnet
- CCreate a database security group and ensure the web security group to allowed incoming access
- DEnsure the database security group allows incoming traffic from 0.0.0.0/0
Explanation
The best secure option is to place the database in a private subnet. The below diagram from the AWS Documentation shows this setup. Also ensure that access is not allowed from all sources but just from the web servers. Option A is invalid because databases should not be placed in the public subnet Option D is invalid because the database security group should not allow traffic from the internet
Community Discussion
No community discussion yet for this question.