Question 312:
A user has created a VPC with the public and private subnets using the VPC wizard. The VPC has CIDR 10.0.0.0/16. The public subnet uses CIDR 10.0.1.0/24. The user plans to host a web server in the public subnet with port 80 and a Database server in the private subnet with port 3306. The user is configuring a security group for the public subnet (WebSecGrp) and the private subnet (DBSecGrp). Which of the below mentioned entries is required in the private subnet database security group DBSecGrp?
Answer options:
A.Allow Inbound on port 3306 in the DBSecGrp with source as WebSecGrp. B.Allow Inbound on port 3306 from source 10.0.0.0/16. C.Allow Outbound on port 3306 in the DBSecGrp with destination as WebSecGrp. D.Allow Outbound on port 80 for destination NAT instance IP.
