Answer-first summary for fast verification
Answer: Configure security groups to allow port 443 access for web servers from the load balancer and port 3306 access for MySQL from the web servers' security group.
Option C is correct because it follows the principle of least privilege by ensuring the web servers only accept HTTPS traffic (port 443) from the load balancer, rather than from any IP address. Additionally, the MySQL servers only accept traffic on port 3306 from the web servers' security group, not from any IP. This minimizes unnecessary exposure and aligns with the company's security policy.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
In a VPC design with public subnets for a load balancer, private subnets for web servers using HTTPS, and private subnets for MySQL, what configuration strategy aligns with company policy to ensure minimal access for each resource's functionality?
A
Establish security groups allowing unrestricted port 443 access for web servers and port 3306 access for MySQL from the web servers' group.
B
Implement network ACLs permitting port 443 access for web servers and port 3306 access for MySQL from the web servers' security group, both from any IP.
C
Configure security groups to allow port 443 access for web servers from the load balancer and port 3306 access for MySQL from the web servers' security group.
D
Use network ACLs to allow port 443 access for web servers from the load balancer and port 3306 access for MySQL from the web servers' security group.
No comments yet.