You have a 2 tier application hosted in AWS. It consists of a web server and database server (SQL Server) hosted on separate EC2 Instances. You are devising the security groups for these EC2 Instances. The Web tier needs to be accessed by users across the Internet. You have created a web security group(wg-123) and a database security group(db-345). Which combination of the following security group rules will allow the application to be secure and functional? Choose 2 answers from the options given below.

Answer options:

A.wg-123- Allow ports 80 and 443 from 0.0.0.0/0
B.db-345- Allow port 1433 from wg-123
C.wg-123- Allow port 1433 from wg-123
D.db-345- Allow ports 1433 from 0.0.0.0/0

Answer: A and B
Option A is CORRECT because the web security group (wg-123) should allow access from ports 80 and 443 for HTTP and HTTPS traffic (web application) for all users across the internet.
Option B is CORRECT because the database security group (db-345) should allow access from the web security group on port 1433 (for SQL).
Option C is incorrect because this is an invalid configuration.
Option D is incorrect because database access should not be allowed over the internet (0.0.0.0/0) for security best practices.
For more information on Security Groups, please visit the below URL:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html