A customer set up an Amazon VPC with one private subnet and one public subnet with a NAT gateway. The VPC will contain a group of Amazon EC2 instances.All instances will configure themselves at startup by downloading a bootstrap script from an Amazon S3 bucket with a policy that only allows access from the customer's Amazon EC2 instances and then deploys an application through GIT. A Solutions Architect has been asked to design a solution that provides the highest level of security regarding network connectivity to the Amazon EC2 instances.How should the Architect design the infrastructure?

Question

Accepted Answer

Place the Amazon EC2 instances in a public subnet, and assign EIPs; route outgoing traffic through the NAT gateway.

Answer

Place the Amazon EC2 instances in the public subnet, with no EIPs; route outgoing traffic through the internet gateway.

Answer

Place the Amazon EC2 instances in a private subnet, and assign EIPs; route outgoing traffic through the internet gateway.

Answer

Place the Amazon EC2 instances in a private subnet, with no EIPs; route outgoing traffic through the NAT gateway

Home / Amazon / SAA-C01 / Question 249

Question 249

Answers

A. Place the Amazon EC2 instances in the public subnet, with no EIPs; route outgoing traffic through the internet gateway.

B. Place the Amazon EC2 instances in a public subnet, and assign EIPs; route outgoing traffic through the NAT gateway.

C. Place the Amazon EC2 instances in a private subnet, and assign EIPs; route outgoing traffic through the internet gateway.

D. Place the Amazon EC2 instances in a private subnet, with no EIPs; route outgoing traffic through the NAT gateway

Comments