AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 17

You manage a web service that is used by client applications deployed in 300 offices worldwide. The web service architecture is an Elastic Load Balancer (ELB) distributing traffic across four application servers deployed in an Auto Scaling group across two Availability Zones.
The ELB is configured to use round robin, and sticky sessions are disabled. You have configured the NACLs and security groups to allow port 22 from your bastion host, and port 80 from 0.0.0.0/0. The client configuration is managed by each regional IT team.
Upon inspection you find that a large amount of requests from incorrectly configured sites are causing a single application server to degrade. The remainder of the requests are equally distributed across all servers with no negative effects.
What should you do to remedy the situation and prevent future occurrences?

Answer options

• A. Mark the affected instance as degraded in the ELB and raise it with the client application team.
• B. Update the NACL to only allow port 80 to the application servers from the ELB servers.
• C. Update the Security Groups to only allow port 80 to the application servers from the ELB.
• D. Terminate the affected instance and allow Auto Scaling to create a new instance.

Correct answer: D

Explanation

The correct action is to terminate the affected instance and allow Auto Scaling to create a new one (D), which resets the server's state and alleviates the degradation. Marking the instance as degraded (A) won't address the immediate performance issue, while updating NACLs (B) or Security Groups (C) won't resolve the impact of misconfigured requests on the current instance.