A company developed a new application that is deployed on Amazon EC2 instances behind an Application Load Balancer. The EC2 instances use the security group named sg-application-servers. The company needs a database to store the data from the application and decides to use an Amazon RDS for MySQL DB instance. The DB instance is deployed in a private DB subnet. What is the MOST restrictive configuration for the DB instance security group? A. Only allow incoming traffic from the sg-application-servers security group on port 3306. B. Only allow incoming traffic from the sg-application-servers security group on port 443. C. Only allow incoming traffic from the subnet of the application servers on port 3306. D. Only allow incoming traffic from the subnet of the application servers on port 443.  Suggested Answer: B Community Answer: A This question is in DBS-C01 AWS Certified Database – Specialty Exam For getting AWS Certified Database – Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer
