Topic 1 Question 432
3 つ選択A SysOps administrator has set up a new Amazon EC2 instance as a web server in a public subnet. The instance uses HTTP port 80 and HTTPS port 443.
The SysOps administrator has confirmed internet connectivity by downloading operating system updates and software from public repositories. However, the SysOps administrator cannot access the instance from a web browser on the internet.
Which combination of steps should the SysOps administrator take to troubleshoot this issue?
Ensure that the inbound rules of the instance’s security group allow traffic on ports 80 and 443.
Ensure that the outbound rules of the instance’s security group allow traffic on ports 80 and 443.
Ensure that ephemeral ports 1024-65535 are allowed in the inbound rules of the network ACL that is associated with the instance's subnet.
Ensure that ephemeral ports 1024-65535 are allowed in the outbound rules of the network ACL that is associated with the instance’s subnet.
Ensure that the filtering rules for any firewalls that are running on the instance allow inbound traffic on ports 80 and 443.
Ensure that AWS WAF is turned on for the instance and is blocking web traffic.
ユーザの投票
コメント(2)
- 正解だと思う選択肢: ADE
A. Missing port 80 en 443 for inbound traffic on the security group could cause blocked traffic D. Missing ephemeral ports for outbound traffic on the subnet network ACL could cause blocked return traffic from the webserver to the user E. The EC2 instance can run it's own firewall in the OS, this could cause blocked traffic
Why not B? Outbound traffic on ports 80 and 443 work, the question mentions that downloading OS updates worked.
Why not C? Ephemeral ports are needed outbound in this case, not inbound. It's for return traffic from the webserver to the user, so outbound.
Why not F? You don't need a WAF in this case, so this options seems nonsense for me.
👍 10gamebase2024/09/20 - 正解だと思う選択肢: ADE
Why not B? Outbound traffic on ports 80 and 443 work, the question mentions that downloading OS updates worked.
Why not C? Ephemeral ports are needed outbound in this case, not inbound. It's for return traffic from the webserver to the user, so outbound.
Why not F? You don't need a WAF in this case, so this options seems nonsense for me.
👍 4klayytech2024/09/21
シャッフルモード