AWS Certified SysOps Administrator SOA-C01 – Question022

You have two Elastic Compute Cloud (EC2) instances inside a Virtual Private Cloud (VPC) in the same Availability Zone (AZ) but in different subnets. One instance is running a database and the other instance an application that will interface with the database. You want to confirm that they can talk to each other for your application to work properly.
Which two things do we need to confirm in the VPC settings so that these EC2 instances can communicate inside the VPC? (Choose two.)

A.
A network ACL that allows communication between the two subnets.
B. Both instances are the same instance class and using the same Key-pair.
C. That the default route is set to a NAT instance or internet Gateway (IGW) for them to communicate.
D. Security groups are set to allow the application host to talk to the database on the right port/protocol.

Correct Answer: AD