How should security groups be configured in this situation?
(Choose two.)
Configure the security group for the web tier to allow inbound traffic on port 443 from 0.0.0.0/0.
Configure the security group for the web tier to allow outbound traffic on port 443 from 0.0.0.0/0.
Configure the security group for the database tier to allow inbound traffic on port 1433 from the security group for the web tier.
Configure the security group for the database tier to allow outbound traffic on ports 443 and 1433 to the security group for the web tier.
Configure the security group for the database tier to allow inbound traffic on ports 443 and 1433 from the security group for the web tier.
Explanations:
Allowing inbound traffic on port 443 (HTTPS) from 0.0.0.0/0 for the web tier is appropriate, as it enables users to securely access the web application over the internet. This is standard practice for public-facing web applications.
Allowing outbound traffic on port 443 from the web tier to 0.0.0.0/0 is unnecessary because outbound traffic is typically allowed by default for security groups. The focus should be on inbound rules for the web tier.
Configuring the database tier’s security group to allow inbound traffic on port 1433 (default for Microsoft SQL Server) from the security group for the web tier is essential for the web application to communicate with the database securely.
Outbound rules are generally open by default, so configuring the database tier to allow outbound traffic on ports 443 and 1433 to the web tier’s security group is not necessary. The primary focus should be on inbound rules for security.
Allowing inbound traffic on ports 443 and 1433 from the web tier’s security group to the database tier is incorrect because only port 1433 (SQL Server) should be allowed from the web tier. Port 443 is for web traffic, not database communication.
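The two-tier policy described in the explanations can be checked mechanically. The following Python sketch is an added example, not part of the original question: it audits inbound rules given in the shape boto3's describe_security_groups returns under IpPermissions. The group ID, the helper names and the sample rules are assumptions constructed for illustration.

```python
# Constructed placeholder ID for the web tier's security group (assumption).
WEB_SG = "sg-web-example"

def rule(lo, hi, cidrs=(), groups=()):
    """Build one inbound TCP rule in the IpPermissions shape (sample data helper)."""
    return {"IpProtocol": "tcp", "FromPort": lo, "ToPort": hi,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}

def audit_inbound(perms, ports, cidrs=(), groups=()):
    """Return findings for inbound rules that differ from the intended policy."""
    findings, covered = [], set()
    for p in perms:
        if p["IpProtocol"] == "-1":  # "-1" means all protocols, all ports
            findings.append("rule opens every protocol and port")
            continue
        lo, hi = p["FromPort"], p["ToPort"]
        label = f"tcp {lo}-{hi}"
        if set(range(lo, hi + 1)) - set(ports):
            findings.append(f"{label}: port(s) outside {sorted(ports)}")
        covered |= {q for q in ports if lo <= q <= hi}
        sources = [r["CidrIp"] for r in p.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in p.get("Ipv6Ranges", [])]
        for src in sources:
            if src not in cidrs:
                findings.append(f"{label}: unexpected CIDR source {src}")
        for pair in p.get("UserIdGroupPairs", []):
            if pair["GroupId"] not in groups:
                findings.append(f"{label}: unexpected group {pair['GroupId']}")
    for q in sorted(set(ports) - covered):
        findings.append(f"port {q} has no inbound rule")
    return findings

def audit_web(perms):
    # Web tier: HTTPS only, reachable from the internet.
    return audit_inbound(perms, {443}, cidrs={"0.0.0.0/0"})

def audit_db(perms):
    # Database tier: SQL Server port only, and only from the web tier's group.
    return audit_inbound(perms, {1433}, groups={WEB_SG})

if __name__ == "__main__":
    too_wide = [rule(443, 443, groups=[WEB_SG]), rule(1433, 1433, groups=[WEB_SG])]
    for finding in audit_db(too_wide):
        print(finding)
```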