What changes need to be made to allow SSH access to the…

An instance is launched into a VPC subnet with the network ACL configured to allow all inbound traffic and deny
all outbound traffic. The instance’s security group is configured to allow SSH from any IP address and deny all
outbound traffic. What changes need to be made to allow SSH access to the instance?

An instance is launched into a VPC subnet with the network ACL configured to allow all inbound traffic and deny
all outbound traffic. The instance’s security group is configured to allow SSH from any IP address and deny all
outbound traffic. What changes need to be made to allow SSH access to the instance?

A.
The outbound security group needs to be modified to allow outbound traffic.

B.
The outbound network ACL needs to be modified to allow outbound traffic.

C.
Nothing, it can be accessed from any IP address using SSH.

D.
Both the outbound security group and outbound network ACL need to be modified to allow outbound traffic.



Leave a Reply 3

Your email address will not be published. Required fields are marked *


Hank Mort

Hank Mort

B. Security groups are stateful and would accept outgoing traffic when it was initially passed. I’ve tested it and you only need to modify ACL that is stateless. ( You can’t deny outgoing traffic in SGs ) only remove the range and protocol.