You are a solutions architect working for a large oil and gas company. Your company runs their production
environment on AWS and has a custom VPC. The VPC contains 3 subnets, 1 of which is public and the other 2
are private. Inside the public subnet is a fleet of EC2 instances which are the result of an autoscaling group. All
EC2 instances are in the same security group. Your company has created a new custom application which
connects to mobile devices using a custom port. This application has been rolled out to production and you
need to open this port globally to the internet. What steps should you take to do this, and how quickly will the
change occur?
A.
Open the port on the existing network Access Control List. Your EC2 instances will be able to communicate
on this port after a reboot.
B.
Open the port on the existing network Access Control List. Your EC2 instances will be able to communicate
over this port immediately.
C.
Open the port on the existing security group. Your EC2 instances will be able to communicate over this port
immediately.
D.
Open the port on the existing security group. Your EC2 instances will be able to communicate over this port
as soon as the relevant Time To Live (TTL) expires.
C is the right answer.
To open port you have to change it in Security group and when you save, the changes applies immediately.