Free Preparation Discussions
MENU
Amazon Exam SAA-C03 Topic 3 Question 60 Discussion
Topic #: 3
[Design Secure Architectures]
A company is designing a web application with an internet-facing Application Load Balancer (ALB).
The company needs the ALB to receive HTTPS web traffic from the public internet. The ALB must send only HTTPS traffic to the web application servers hosted on the Amazon EC2 instances on port 443. The ALB must perform a health check of the web application servers over HTTPS on port 8443.
Which combination of configurations of the security group that is associated with the ALB will meet these requirements? (Select THREE.)
Option A:The ALB must accept HTTPS traffic from the public internet. Allowing inbound traffic on port 443 from 0.0.0.0/0 enables this functionality.
Option C:The ALB must forward HTTPS traffic to the web application servers on port 443. Outbound traffic for port 443 must be allowed for this communication.
Option E:The ALB must perform health checks on the web application servers over HTTPS on port 8443. Outbound traffic for port 8443 must be allowed for this purpose.
Option B:Allowing all outbound traffic is overly permissive and does not align with the specific requirements.
Option D and F:Inbound traffic to the ALB from the web application instances is unnecessary because the flow of traffic is from the ALB to the web application instances, not vice versa.
AWS Documentation Reference:
Application Load Balancer Security Groups
Health Checks for ALBs
Caprice
2 days agoDortha
3 days agoDallas
4 days agoMozelle
7 days ago