ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 139 - SCS-C02 discussion

Report
Export

A company is building a data processing application that uses AWS Lambda functions The application's Lambda functions need to communicate with an Amazon RDS OB instance that is deployed within a VPC in the same AWS account

Which solution meets these requirements in the MOST secure way?

A.
Configure the DB instance to allow public access Update the DB instance security group to allow access from the Lambda public address space for the AWS Region
Answers
A.
Configure the DB instance to allow public access Update the DB instance security group to allow access from the Lambda public address space for the AWS Region
B.
Deploy the Lambda functions inside the VPC Attach a network ACL to the Lambda subnet Provide outbound rule access to the VPC CIDR range only Update the DB instance security group to allow traffic from 0 0 0 0/0
Answers
B.
Deploy the Lambda functions inside the VPC Attach a network ACL to the Lambda subnet Provide outbound rule access to the VPC CIDR range only Update the DB instance security group to allow traffic from 0 0 0 0/0
C.
Deploy the Lambda functions inside the VPC Attach a security group to the Lambda functions Provide outbound rule access to the VPC CIDR range only Update the DB instance security group to allow traffic from the Lambda security group
Answers
C.
Deploy the Lambda functions inside the VPC Attach a security group to the Lambda functions Provide outbound rule access to the VPC CIDR range only Update the DB instance security group to allow traffic from the Lambda security group
D.
Peer the Lambda default VPC with the VPC that hosts the DB instance to allow direct network access without the need for security groups
Answers
D.
Peer the Lambda default VPC with the VPC that hosts the DB instance to allow direct network access without the need for security groups
Suggested answer: C

Explanation:

The AWS documentation states that you can deploy the Lambda functions inside the VPC and attach a security group to the Lambda functions. You can then provide outbound rule access to the VPC CIDR range only and update the DB instance security group to allow traffic from the Lambda security group. This method is the most secure way to meet the requirements.

asked 16/09/2024
Juan Manuel Lopez Ortega
27 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first