SCS-C02 Management and Security Governance • Set 3
SCS-C02 Management and Security Governance Practice Test 3 — 15 questions with explanations. Free, no signup.
A company has a three-tier web application running on AWS. The application consists of an Application Load Balancer (ALB), an EC2 Auto Scaling group for web servers, and an RDS MySQL database. The Security team recently discovered that the database is publicly accessible from the internet. They need to remediate this immediately while minimizing downtime. The database is critical for the application, and the application must remain available. The team has identified that the database security group currently allows inbound traffic from 0.0.0.0/0 on port 3306. The web servers are in a security group named 'web-sg'. The database security group is named 'db-sg'. The team wants to restrict access to only the ALB and the web servers. Which action should the team take to resolve the issue with the least downtime?