ANS-C01 Network Security, Compliance and Governance • Set 2
ANS-C01 Network Security, Compliance and Governance Practice Test 2 — 15 questions with explanations. Free, no signup.
A security engineer runs tcpdump on an EC2 instance (10.0.1.5) and sees the output above. The instance is in a private subnet with a security group that allows inbound HTTPS from 0.0.0.0/0. The instance is behind a Network Load Balancer (NLB) that has a public IP. The engineer is unable to establish an HTTPS connection from the internet. What is the most likely cause?
Refer to the exhibit. [root@ip-10-0-1-5 ~]# tcpdump -i eth0 -n port 443 09:32:15.123456 IP 203.0.113.5.34567 > 10.0.1.5.443: Flags [S], seq 12345, win 65535, options [mss 1460], length 0 09:32:15.123456 IP 10.0.1.5.443 > 203.0.113.5.34567: Flags [S.], seq 54321, ack 12346, win 65535, options [mss 1460], length 0 09:32:15.123456 IP 203.0.113.5.34567 > 10.0.1.5.443: Flags [.], ack 54322, win 65535, length 0