A cloud security analyst needs to ensure the web servers in the public subnet allow only secure communications and must remediate any possible issue. The stateful configuration for the public web servers is as follows:
Which of the following actions should the analyst take to accomplish the objective?
To ensure the web servers in the public subnet allow only secure communications, the analyst needs to remove any rules that permit unsecured protocols or unnecessary services. Rule 1 (inbound on TCP port 80) allows HTTP traffic, which is unsecure. Rule 3 (inbound on TCP port 3306) allows MySQL database connections, which are not necessary for a web server to function in a secure environment. Rule 4 (inbound on TCP port 3389) allows RDP connections, which should not be exposed to the public for security reasons. Therefore, removing rules 1, 3, and 4 will enhance security by restricting traffic to secure protocols and necessary services only.
Must be B
Just a reminder for people like me who forget the less common ports Port 3306: Used by MySQL for database connections. Port 3389: Used by Microsoft RDP for remote desktop connections.
I don't understand this question :(