SAA-C03 Exam Dumps - AWS Certified Solutions Architect - Associate (SAA-C03)

Go to page:

Question # 337

A solutions architect is designing a two-tier web application The application consists of a public-facing web tier hosted on Amazon EC2 in public subnets The database tier consists of Microsoft SQL Server running on Amazon EC2 in a private subnet Security is a high priority for the company

How should security groups be configured in this situation? (Select TWO )

Configure the security group for the web tier to allow inbound traffic on port 443 from 0.0.0.0/0.

Configure the security group for the web tier to allow outbound traffic on port 443 from 0.0.0.0/0.

Configure the security group for the database tier to allow inbound traffic on port 1433 from the security group for the web tier.

Configure the security group for the database tier to allow outbound traffic on ports 443 and 1433 to the security group for the web tier.

Configure the security group for the database tier to allow inbound traffic on ports 443 and 1433 from the security group for the web tier.

Full Access

Question # 338

A company is preparing to launch a public-facing web application in the AWS Cloud. The architecture consists of Amazon EC2 instances within a VPC behind an Elastic Load Balancer (ELB). A third-party service is used for the DNS. The company's solutions architect must recommend a solution to detect and protect against large-scale DDoS attacks.

Which solution meets these requirements?

Enable Amazon GuardDuty on the account.

Enable Amazon Inspector on the EC2 instances.

Enable AWS Shield and assign Amazon Route 53 to it.

Enable AWS Shield Advanced and assign the ELB to it.

Full Access