What steps must a SysOps Administrator take to resolve this issue and improve the security of the application?
(Choose two.)
Add the EC2 instances to the ALB target group, configure the health check, and ensure that the instances report healthy.
Add the EC2 instances to an Auto Scaling group, configure the health check to ensure that the instances report healthy, and remove the public IPs from the instances.
Create a new subnet in which EC2 instances and ALB will reside to ensure that they can communicate, and remove the public IPs from the instances.
Change the security group for the EC2 instances to allow access from only the ALB security group, and remove the public IPs from the instances.
Change the security group to allow access from 0.0.0.0/0, which permits access from the ALB.
Explanations:
The EC2 instances need to be added to the ALB target group. A health check is required to verify the instances are healthy before the ALB can route traffic to them.
While adding the EC2 instances to an Auto Scaling group improves availability, it is not necessary to resolve the current issue. The focus should be on the ALB and health checks.
Creating a new subnet for EC2 instances and the ALB is not needed. The instances can be in the same subnet as the ALB as long as their security groups allow communication.
The security group for EC2 instances should restrict access to only the ALB security group. This improves security by removing public IP access and controlling traffic flow.
Allowing access from 0.0.0.0/0 would make the instances publicly accessible, which is not recommended for improved security.
I evaluate that the answer is:
Add the EC2 instances to the ALB target group, configure the health check, and ensure that the instances report healthy.
I figure that the answer is:
Add the EC2 instances to the ALB target group, configure the health check, and ensure that the instances report healthy.