If you’re unable to connect via SSH to your EC2 instance, which of the following should you check and possibly
correct to restore connectivity?
A. Adjust Security Group to permit egress traffic over TCP port 443 from your IP.
B. Configure the IAM role to permit changes to security group settings.
C. Modify the instance security group to allow ingress of ICMP packets from your IP.
D. Adjust the instance’s Security Group to permit ingress traffic over port 22 from your IP.
E. Apply the most recently released Operating System security patches.
Explanation:
In a VPC everything is allowed out by default.
http://docs.aws.amazon.com/cli/latest/reference/ec2/authorize-security-group-ingress.html
D
Believe it or not, I have seen people who customized their outbound SG policies to where A would actually be an acceptable answer for them.
The answer for the exam is D though, just to be clear. Never customize your outbound SG policies unless you have a clear need to do so.
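
To see why C does not restore SSH while D does, the check below evaluates a security group's ingress rules against a source IP and port. It is an added example, not part of the original question or its explanation. The rule dictionaries follow the shape that `aws ec2 describe-security-groups` returns, and the sample groups and addresses are constructed.

```python
import ipaddress


def permits_ingress(group, source_ip, port, protocol="tcp"):
    """Return True if any ingress rule in `group` admits source_ip on protocol/port.

    `group` is shaped like one entry of the SecurityGroups list from
    `aws ec2 describe-security-groups`. Only CIDR-based rules are evaluated;
    rules that reference other security groups or prefix lists are ignored.
    """
    src = ipaddress.ip_address(source_ip)
    for rule in group.get("IpPermissions", []):
        proto = rule.get("IpProtocol")
        if proto != "-1":  # "-1" means all protocols and all ports
            if proto != protocol:
                continue  # e.g. an ICMP rule never admits TCP traffic
            if not rule.get("FromPort", -1) <= port <= rule.get("ToPort", -1):
                continue
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        # A network of the other IP version simply does not contain src.
        if any(src in ipaddress.ip_network(c, strict=False) for c in cidrs):
            return True
    return False


# Constructed sample data (documentation address range 203.0.113.0/24).
MY_IP = "203.0.113.10"

# Option C: ICMP allowed from your IP, nothing for TCP 22.
ICMP_ONLY = {"GroupId": "sg-example-c", "IpPermissions": [
    {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
     "IpRanges": [{"CidrIp": MY_IP + "/32"}]},
]}

# Option D: TCP 22 allowed from your IP only.
SSH_FROM_MY_IP = {"GroupId": "sg-example-d", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": MY_IP + "/32"}]},
]}

if __name__ == "__main__":
    for sg in (ICMP_ONLY, SSH_FROM_MY_IP):
        ok = permits_ingress(sg, MY_IP, 22)
        print(sg["GroupId"], "SSH reachable" if ok else "SSH blocked")
```

Scoping the rule to a /32, as in the option D sample, keeps port 22 closed to every other source address.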