You have two Elastic Compute Cloud (EC2) instances inside a Virtual Private Cloud (VPC) in the same
Availability Zone (AZ) but in different subnets. One instance is running a database and the other instance an
application that will interface with the database. You want to confirm that they can talk to each other for your
application to work properly.
Which two things do we need to confirm in the VPC settings so that these EC2 instances can communicate
inside the VPC?
Choose 2 answers
A. A network ACL that allows communication between the two subnets.
B. Both instances are the same instance class and using the same Key-pair.
C. That the default route is set to a NAT instance or internet Gateway (IGW) for them to communicate.
D. Security groups are set to allow the application host to talk to the database on the right port/protocol.
A, D. Subnet communication does not depend on key pair, NAT, or IGW.
I believe the answer is A D.
A – NACL is by default configured for subnets in the same VPC to communicate. However, if it is configured not to, the subnets will not communicate.
D – NACL takes care of subnets being able to recognize each other. The security group takes care of the authorization to do it.
B – it is just not it.
C – The question does not mention internet. You could be using a VPN to connect.
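An added example, not part of the original question or comments: a small Python model of the checks behind options A and D for one TCP connection from the application host to the database. The IP addresses, subnets, port numbers and rule sets are constructed sample values, and the model assumes the VPC's local route is in place and ignores the protocol field.

```python
from ipaddress import ip_address, ip_network

# Constructed sample values (assumptions, not from the page).
APP_IP, DB_IP, DB_PORT = "10.0.1.10", "10.0.2.20", 3306
ALLOW_ALL = [(100, "0.0.0.0/0", 0, 65535, "allow")]  # what a default NACL permits

def nacl_allows(rules, peer_ip, port):
    """Stateless NACL: lowest rule number first, first match decides, else deny."""
    for _num, cidr, lo, hi, action in sorted(rules):
        if ip_address(peer_ip) in ip_network(cidr) and lo <= port <= hi:
            return action == "allow"
    return False

def sg_allows(rules, peer_ip, port):
    """Security group: allow rules only; any matching rule permits the traffic."""
    return any(ip_address(peer_ip) in ip_network(cidr) and lo <= port <= hi
               for cidr, lo, hi in rules)

def app_can_reach_db(cfg, reply_port=49152):
    """Return (reachable, first failing check) for one TCP connection app -> db."""
    checks = [
        ("app SG outbound", sg_allows(cfg["app_sg_out"], DB_IP, DB_PORT)),
        ("app NACL outbound", nacl_allows(cfg["app_nacl_out"], DB_IP, DB_PORT)),
        ("db NACL inbound", nacl_allows(cfg["db_nacl_in"], APP_IP, DB_PORT)),
        ("db SG inbound", sg_allows(cfg["db_sg_in"], APP_IP, DB_PORT)),
        # Replies: security groups are stateful, so only the NACLs are re-checked.
        ("db NACL outbound (reply)", nacl_allows(cfg["db_nacl_out"], APP_IP, reply_port)),
        ("app NACL inbound (reply)", nacl_allows(cfg["app_nacl_in"], DB_IP, reply_port)),
    ]
    for name, ok in checks:
        if not ok:
            return False, name
    return True, None

WORKING = {
    "app_sg_out": [("0.0.0.0/0", 0, 65535)],
    "db_sg_in": [("10.0.1.0/24", DB_PORT, DB_PORT)],
    "app_nacl_out": ALLOW_ALL, "app_nacl_in": ALLOW_ALL,
    "db_nacl_out": ALLOW_ALL, "db_nacl_in": ALLOW_ALL,
}
# A deny rule numbered below the allow rule blocks the app subnet (option A).
NACL_DENY = dict(WORKING, db_nacl_in=[(90, "10.0.1.0/24", 0, 65535, "deny")] + ALLOW_ALL)
# The database SG opens a different port than the one the app uses (option D).
SG_WRONG_PORT = dict(WORKING, db_sg_in=[("10.0.1.0/24", 5432, 5432)])
# The NACL lets the request in but not the reply out to the ephemeral port.
NACL_NO_REPLY = dict(WORKING, db_nacl_out=[(100, "0.0.0.0/0", DB_PORT, DB_PORT, "allow")])

if __name__ == "__main__":
    for name in ("WORKING", "NACL_DENY", "SG_WRONG_PORT", "NACL_NO_REPLY"):
        print(name, app_can_reach_db(globals()[name]))
```

The last case is the one that is easy to miss when a custom NACL is tightened: the security group handles return traffic on its own, while the NACL needs an explicit rule for it.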
AD
AD
SG and ACL
A and D
ad
Alpha
Dog
D
Network ACLs are for network access to and from a VPC, not for network activity within a VPC.
ad
AD
A and D
AD
A D
A. A network ACL that allows communication between the two subnets.
D. Security groups are set to allow the application host to talk to the database on the right port/protocol.