Question 80:
A web application runs in a VPC on EC2 instances behind an ELB Application Load Balancer. The application stores data in an RDS MySQL DB instance. A Linux bastion host is used to apply schema updates to the database – administrators connect to the host via SSH from a corporate workstation. The following security groups are applied to the infrastructure- · sgLB – associated with the ELB · sgWeb – associated with the EC2 instances. · sgDB – associated with the database · sgBastion – associated with the bastion host Which security group configuration will allow the application to be secure and functional?
Answer options:
A.sgLB: Allow port 80 and 443 traffic from 0.0.0.0/0 sgWeb: Allow port 80 and 443 traffic from 0.0.0.0/0 sgDB: Allow port 3306 traffic from sgWeb and sgBastion sgBastion: Allow port 22 traffic from the corporate IP address range B.sgLB: Allow port 80 and 443 traffic from 0.0.0.0/0 sgWeb: Allow port 80 and 443 traffic from sgLB sgDB: Allow port 3306 traffic from sgWeb and sgLB sgBastion: Allow port 22 traffic from the VPC IP address range C.sgLB: Allow port 80 and 443 traffic from 0.0.0.0/0 sgWeb: Allow port 80 and 443 traffic from sgLB sgDB: Allow port 3306 traffic from sgWeb and sgBastion sgBastion: Allow port 22 traffic from the VPC IP address range D.sgLB: Allow port 80 and 443 traffic from 0.0.0.0/0 sgWeb: Allow port 80 and 443 traffic from sgLB sgDB: Allow port 3306 traffic from sgWeb and sgBastion sgBastion: Allow port 22 traffic from the corporate IP address range