Topic 1 Question 218
2 つ選択A company has a web server running on an Amazon EC2 instance in a public subnet with an Elastic IP address. The default security group is assigned to the EC2 instance. The default network ACL has been modified to block all traffic. A solutions architect needs to make the web server accessible from everywhere on port 443.
Which combination of steps will accomplish this task?
Create a security group with a rule to allow TCP port 443 from source 0.0.0.0/0.
Create a security group with a rule to allow TCP port 443 to destination 0.0.0.0/0.
Update the network ACL to allow TCP port 443 from source 0.0.0.0/0.
Update the network ACL to allow inbound/outbound TCP port 443 from source 0.0.0.0/0 and to destination 0.0.0.0/0.
Update the network ACL to allow inbound TCP port 443 from source 0.0.0.0/0 and outbound TCP port 32768-65535 to destination 0.0.0.0/0.
ユーザの投票
コメント(11)
- 正解だと思う選択肢: AE
A, E is perfect the combination. To be more precise, We should add outbound with "outbound TCP port 32768-65535 to destination 0.0.0.0/0." as an ephemeral port due to the stateless of NACL.
👍 7Parsons2023/01/14 - 正解だと思う選択肢: AE
AE correct
👍 3Aninina2023/01/16 - 正解だと思う選択肢: AE
A & E , E as NACL is stateless.
👍 2techhb2023/01/16
シャッフルモード