Amazon Exam SCS-C02 Topic 8 Question 28 Discussion

Actual exam question for Amazon's SCS-C02 exam

Question #: 28
Topic #: 8

A Network Load Balancer (NLB) target instance is not entering the InService state. A security engineer determines that health checks are failing.

Which factors could cause the health check failures? (Select THREE.)

AThe target instance's security group does not allow traffic from the NLB.

BThe target instance's security group is not attached to the NLB.

CThe NLB's security group is not attached to the target instance.

DThe target instance's subnet network ACL does not allow traffic from the NLB.

EThe target instance's security group is not using IP addresses to allow traffic from the NLB.

FThe target network ACL is not attached to the NLB.

Show Suggested Answer

Suggested Answer: A, C, D

by julien at Sep 16, 2024, 09:43 AM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Dong

8 months ago

Hold up, is the target instance wearing a tuxedo to the health check party? E is the one to watch out for, for sure.

upvoted 0 times

Carlton

6 months ago

C: I agree, E could be the reason why the health checks are failing.

upvoted 0 times

...

Lemuel

7 months ago

B: Yeah, E mentions using IP addresses, which might be the problem.

upvoted 0 times

...

Naomi

7 months ago

A: Definitely not, but it seems like E could be causing the issue.

upvoted 0 times

...

Teresita

8 months ago

I think another factor could be the target instance's subnet network ACL not allowing traffic from the NLB.

upvoted 0 times

...

Daniel

8 months ago

This is a classic 'security gone wrong' scenario. A, D, and E for sure. Bet the engineer is scratching their head on this one!

upvoted 0 times

...

Chantell

8 months ago

I agree with Olene. It could also be because the NLB's security group is not attached to the target instance.

upvoted 0 times

...

Olene

8 months ago

Easy peasy, A, D, and E. You've gotta make sure the security and network settings are all lined up for the NLB to do its job.

upvoted 0 times

Stevie

7 months ago

True, using IP addresses in the security group settings is necessary for the NLB to function properly.

upvoted 0 times

...

Remedios

7 months ago

Don't forget about the subnet network ACL, that could also be causing the issue.

upvoted 0 times

...

Iola

7 months ago

I agree, making sure the security group allows traffic from the NLB is crucial.

upvoted 0 times

...

Karan

7 months ago

Definitely, A, D, and E are important factors to consider for the health check failures.

upvoted 0 times

...

Olene

8 months ago

I think the health check failures could be caused by the target instance's security group not allowing traffic from the NLB.

upvoted 0 times

...

Alita

9 months ago

Hmm, I'd say A, D, and E as well. The target instance needs to be wide open to the NLB for those health checks to pass.

upvoted 0 times

...

Ellen

9 months ago

A, D, and E seem like the most likely culprits here. Can't have the security group or network ACL blocking the NLB traffic.

upvoted 0 times

Emile

8 months ago

E) The target instance's security group is not using IP addresses to allow traffic from the NLB.

upvoted 0 times

...

Deonna

8 months ago

D) The target instance's subnet network ACL does not allow traffic from the NLB.

upvoted 0 times

...

Leonora

8 months ago

A) The target instance's security group does not allow traffic from the NLB.

upvoted 0 times

...