Question 5:
Your team is working on a migration project in AWS platform. An Application Load Balancer is configured to route traffic to backend EC2 instances. A security group is attached in the load balancer which allows the ingress traffic from a custom TCP port. Recently, due to some project requirements, the Application Load Balancer needs to be replaced by a Network Load Balancer. Existing configurations of the load balancer should be kept if possible. How would you configure the security group in the new Network Load Balancer?
Answer options:
A.As Network Load Balancers do not have associated security groups, update the security group in the target EC2 instances. B.Use a CloudFormation template to associate the same security group with the Network Load Balancer. C.In the security group, modify the source of the inbound rule to be 0.0.0.0/0 otherwise the ingress traffic will be denied by the Network Load Balancer. D.Attach the security group to the listener of the Network Load Balancer to allow the ingress traffic from the custom TCP port.