Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Security – Specialty partly missing explanation

  • partly missing explanation

  • kung

    May 3, 2020 at 10:52 pm

    There is a scenario ‘multitier online application hosted in several EC2 instances that is publicly accessible around the world’, where 2 options need to be picked. Only one of them is explained why it’s the correct option. The other option is indeed rather obvious (so obvious that I overlooked it and didn’t select it…), but still good to explain in a few words!


  • Jon-Bonso

    May 5, 2020 at 9:23 am

    Hi Robert,

    Thank you for sharing your thoughts on this scenario. As requested, I have added the following paragraph in the explanation:

    In this scenario, the web servers are hosted in public subnets behind a public-facing Application Load Balancer while the application servers are hosted in private subnets. To better protect your web servers against direct attacks, you can migrate your servers to private subnets and then remove any attached public IP or Elastic IP addresses. The public-facing Application Load Balancer can route the traffic to these web servers hosted in private subnets. This will also significantly reduce the attack surface of your cloud infrastructure.

    This will be reflected in our practice tests soon. Let us know if you need further assistance. The Tutorials Dojo team is dedicated to help you pass your AWS exam on your first try!


    Jon Bonso @ Tutorials Dojo

Viewing 1 - 2 of 2 replies

Log in to reply.

Original Post
0 of 0 posts June 2018