A company has two VPCs that are in the same AWS account. One VPC is located in the us-east-1 Region, and the other VPC is located in the us-west-2 region. The VPCs have an active VPC peering connection with each other, and the route tables for each VPC are configured to route network traffic properly between each VPC. An Amazon Aurora DB instance exists in the VPC in us-east-1, and…

QuestionsCategory: SCS-C01A company has two VPCs that are in the same AWS account. One VPC is located in the us-east-1 Region, and the other VPC is located in the us-west-2 region. The VPCs have an active VPC peering connection with each other, and the route tables for each VPC are configured to route network traffic properly between each VPC. An Amazon Aurora DB instance exists in the VPC in us-east-1, and…
Admin Staff asked 3 months ago
A company has two VPCs that are in the same AWS account. One VPC is located in the us-east-1 Region, and the other VPC is located in the us-west-2 region. The VPCs have an active VPC peering connection with each other, and the route tables for each VPC are configured to route network traffic properly between each VPC.
An Amazon Aurora DB instance exists in the VPC in us-east-1, and the DB instance’s security group controls access to the DB instance. An Auto Scaling group is running in the VPC in us-west-2. The Auto Scaling group is continually adding and removing Amazon EC2 instances because of fluctuations in the demand for capacity. Every EC2 instance that launches as part of the Auto Scaling group belongs to a security group that is specific to the Auto Scaling group.
A security engineer needs to configure a solution that allows the EC2 instances to access the DB instance that is located in us-east-1.
Which solution will meet these requirements with the LEAST amount of effort?

A. Add the ID of the DB instance’s security group to the inbound rules of the EC2 instances’ security group.

B. Add the subnets used by the Auto Scaling group of the VPC in us-west-2 to the DB instance’s security group,

C. Add the private IP address of each EC2 instance from the Auto Scaling group to the DB instance's security group.

D. Add the ID of the EC2 instances’ security group to the inbound rules of the DB instance's securely group.








 

Suggested Answer: A

Community Answer: B




This question is in SCS-C01 AWS Certified Security – Specialty Exam
For getting AWS Certified Security – Specialty Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.
Question Tags:

Recommended

Welcome Back!

Login to your account below

Create New Account!

Fill the forms below to register

Retrieve your password

Please enter your username or email address to reset your password.