Hello jjreyn,
In addition to the answer provided by Gerome:
The correct answer only has A and C — for C to work, you would also need to do D and E, no?
>> You will need A, because the EC2 instance will need to reply to inbound traffic (ports 80 and 443); the outbound traffic for that will be on ephemeral ports 1024 – 65535.
>> You will need C, because you need to call the third-party API over the HTTP and HTTPS ports.
>> You don’t need D, because inbound traffic is only limited to port 80 and port 443. You don’t need inbound traffic for ephemeral ports. NACLs have independent inbound and outbound rules.
>> You don’t need E, as Security Groups are stateful; traffic will be allowed outbound if you already have an inbound rule for it.
Let us know if you need further assistance.
Regards,
Kenneth Samonte @ Tutorials Dojo
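
The stateless NACL versus stateful Security Group behaviour discussed in the reply above, as an added example that is not part of the original post: a simplified Python model of one inbound web request to the instance and its response. The function names and rule sets are constructed for illustration, and matching is on destination port only (real NACL rules also match protocol and CIDR).

```python
from dataclasses import dataclass

EPHEMERAL = (1024, 65535)  # ephemeral range quoted in the reply

@dataclass(frozen=True)
class NaclRule:
    number: int       # lower numbers are evaluated first
    direction: str    # "in" or "out"
    ports: tuple      # (low, high), inclusive, destination port
    allow: bool

def nacl_allows(rules, direction, port):
    """Stateless check: first matching rule by number wins, no match is a deny."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.direction == direction and r.ports[0] <= port <= r.ports[1]:
            return r.allow
    return False

def sg_allows(sg_rules, direction, port, is_reply):
    """Stateful check: replies on a tracked connection pass without a rule."""
    if is_reply:
        return True
    return any(d == direction and lo <= port <= hi for d, (lo, hi) in sg_rules)

def web_request_succeeds(nacl, sg, server_port, client_port):
    # Request: client ephemeral port -> server port, evaluated inbound.
    if not nacl_allows(nacl, "in", server_port):
        return False
    if not sg_allows(sg, "in", server_port, is_reply=False):
        return False
    # Response: server port -> client ephemeral port, evaluated outbound.
    # The SG passes it as a reply; the NACL needs its own outbound rule.
    return (sg_allows(sg, "out", client_port, is_reply=True)
            and nacl_allows(nacl, "out", client_port))

# Constructed rule sets (not taken from the exam question).
SG_WEB = [("in", (80, 80)), ("in", (443, 443))]   # no outbound rules at all
NACL_IN_ONLY = [NaclRule(100, "in", (80, 80), True),
                NaclRule(110, "in", (443, 443), True)]
NACL_WITH_EPHEMERAL_OUT = NACL_IN_ONLY + [NaclRule(100, "out", EPHEMERAL, True)]

if __name__ == "__main__":
    for name, nacl in [("inbound rules only", NACL_IN_ONLY),
                       ("plus outbound ephemeral", NACL_WITH_EPHEMERAL_OUT)]:
        print(name, "->", web_request_succeeds(nacl, SG_WEB, 443, 50000))
```
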