How should security groups be configured in this situation?
(Choose two.)
Configure the security group for the web tier to allow inbound traffic on port 443 from 0.0.0.0/0.
Configure the security group for the web tier to allow outbound traffic on port 443 from 0.0.0.0/0.
Configure the security group for the database tier to allow inbound traffic on port 1433 from the security group for the web tier.
Configure the security group for the database tier to allow outbound traffic on ports 443 and 1433 to the security group for the web tier.
Configure the security group for the database tier to allow inbound traffic on ports 443 and 1433 from the security group for the web tier.
Explanations:
The web tier must allow inbound traffic on port 443 (HTTPS) from all sources (0.0.0.0/0) to serve web requests securely over the internet.
Outbound traffic on port 443 from the web tier does not need to be restricted; however, allowing outbound traffic to 0.0.0.0/0 is not necessary and does not relate to security group rules that focus on incoming connections.
The database tier should allow inbound traffic on port 1433 (SQL Server) specifically from the security group of the web tier, ensuring that only authorized requests from the web application can access the database.
Outbound traffic from the database tier should not be necessary to allow traffic to the web tier. The focus should be on securing inbound connections to the database rather than outbound.
The database tier should not allow inbound traffic on port 443, as it is not serving web requests. Only inbound traffic on port 1433 from the web tier’s security group is required.
I deduce that the answer is:
Configure the security group for the web tier to allow inbound traffic on port 443 from 0.0.0.0/0.