Answer-first summary for fast verification
Answer: Adjust EC2 security groups to permit traffic exclusively from the ALB's security group.
The correct answer is B. Configuring the security group for the EC2 instances to allow traffic only from the security group for the ALB ensures that inbound traffic to the EC2 instances is restricted to only that coming from the ALB. This method provides a secure way to manage traffic without exposing the instances to any other sources inside or outside the private subnet. Options A, C, and D do not provide the same level of security control needed for this scenario.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How can a company secure its web application hosted on EC2 instances within a private VPC subnet, ensuring that only an Application Load Balancer in the public subnet can send inbound traffic to these instances?
A
Set up a route in the route table for internet traffic to reach the EC2 instances' private IPs.
B
Adjust EC2 security groups to permit traffic exclusively from the ALB's security group.
C
Relocate EC2 instances to a public subnet and assign them Elastic IPs.
D
Modify the ALB's security group to accept all TCP traffic on any port.
No comments yet.