An organization has created multiple components of a single application for compartmentalization. Currently all the
components are hosted on a single EC2 instance. Due to security reasons the organization wants to implement two
separate SSLs for the separate modules although it is already using VPC. How can the organization achieve this with a
single instance?
A.
Create a VPC instance which will have both the ACL and the security group attached to it and have separate rules for each IP address.
B.
Create a VPC instance which will have multiple network interfaces with multiple elastic IP addresses.
C.
You have to launch two instances each in a separate subnet and allow VPC peering for a single IP.
D.
Create a VPC instance which will have multiple subnets attached to it and each will have a separate IP address.
Explanation:
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user’s AWS account. It enables the user to launch
AWS resources into a virtual network that the user has defined. With VPC the user can specify multiple private IP
addresses for his instances. The number of network interfaces and private IP addresses that a user can specify for an
instance depends on the instance type. With each network interface the organization can assign an EIP. This scenario
helps when the user wants to host multiple websites on a single EC2 instance by using multiple SSL certificates on a
single server and associating each certificate with a specific EIP address. It also helps in scenarios for operating network
appliances, such as firewalls or load balancers that have multiple private IP addresses for each network interface.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/MultipleIP.html
B
B