<< Prev Question Next Question >>

Question 12/22

You launched a Linux compute Instance to host the new version of your company website via Apache HTTPS server on HTTPS (port 443).
The Instance is created in a public subnet along with other Instances. The default security list associated to the subnet is:

You want to allow access to the company website from public Internet without exposing websites eventually hosted on the other instances In the public subnet.
Which two actions should you do?

A. Access the Linux instance via SSH and configure Iptables to allow HTTPS access on port 443.

B. Create a new security list with a stateful rule to allow ingress access on port 443 and associate it to the public subnet.

C. In default security list, add a stateful rule to allow ingress access on port 443.

D. Create a network security group, add a stateful rule to allow ingress access on port 443 and associate It to the public subnet that host the company website.

E. Create a network security group, add a stateful rule to allow ingress access on port 443 and associate it to the instance that host the company website.

Recent Comments (The most recent comments are at the top.)

Matteo - Dec 18, 2020

Correct answer A, E. We want to allow public inbound access to port 443, but limited to company website instance. With a network security group associated to the instance (better said to the VNIC) we obtain this. Option D is wrong because by assigning the NSG to the whole subnet, all other instances will be reachable through port 443.

Question 12/22

Recent Comments (The most recent comments are at the top.)

LEAVE A REPLY

Download PDF File