Bird
0
0

In a multi-tier AWS architecture, if the database tier is configured in a public subnet with a security group allowing all inbound traffic, what is the likely outcome?

medium📝 service behavior Q5 of 15
AWS - Architecture Best Practices
In a multi-tier AWS architecture, if the database tier is configured in a public subnet with a security group allowing all inbound traffic, what is the likely outcome?
ADatabase remains secure due to AWS default protections
BDatabase automatically moves to a private subnet
CDatabase cannot be accessed by the app tier
DDatabase is exposed to the internet and vulnerable
Step-by-Step Solution
Solution:

  1. Step 1: Understand subnet and security group roles

    Public subnet exposes resources to the internet; security groups control traffic.

  2. Step 2: Analyze effect of open inbound rules

    Allowing all inbound traffic exposes the database to anyone on the internet.

  3. Final Answer:

    Database is exposed to the internet and vulnerable -> Option D

  4. Quick Check:

    Public subnet + open SG = exposed DB = B [OK]
Quick Trick: Open inbound rules on public subnet = security risk [OK]
Common Mistakes:
  • Assuming AWS auto-secures exposed DB
  • Thinking app tier can't access DB
  • Believing AWS moves DB automatically

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
Advanced Security - Secrets Manager for credentials - Quiz 11easy Advanced Security - GuardDuty for threat detection - Quiz 15hard CloudFormation - Updating and deleting stacks - Quiz 12easy CloudFormation - Outputs for cross-stack references - Quiz 8hard Cost Optimization - Spot Instances for cost savings - Quiz 5medium EKS - Deploying workloads on EKS - Quiz 8hard EKS - Why managed Kubernetes matters - Quiz 6medium EKS - Deploying workloads on EKS - Quiz 6medium EKS - Why managed Kubernetes matters - Quiz 7medium Serverless Architecture - Step Functions for workflows - Quiz 3easy