AWS Certified SysOps Administrator – Associate (legacy) — Question 151

You need to design a VPC for a web-application consisting of an Elastic Load Balancer (ELB). a fleet of web/application servers, and an RDS database. The entire Infrastructure must be distributed over 2 availability zones.
Which VPC configuration works while assuring the database is not available from the Internet?

Answer options

• A. One public subnet for ELB one public subnet for the web-servers, and one private subnet for the database
• B. One public subnet for ELB two private subnets for the web-servers, two private subnets for RDS
• C. Two public subnets for ELB two private subnets for the web-servers and two private subnets for RDS
• D. Two public subnets for ELB two public subnets for the web-servers, and two public subnets for RDS

Correct answer: C

Explanation

The correct answer is C because it provides public subnets for the ELB, allowing it to receive traffic from the Internet, while ensuring the web servers and RDS are placed in private subnets, preventing direct Internet access to the database. Options A and B do not adequately separate the database into a private subnet. Option D incorrectly places the RDS in public subnets, exposing it to the Internet.