You are tasked with setting up a Linux bastion host for access to Amazon EC2 instances
running in your VPC. Only clients connecting from the corporate external public IP address
72.34.51.100 should have SSH access to the host. Which option will meet the customer
requirement?
A. Security Group Inbound Rule: Protocol - TCP, Port Range - 22, Source 72.34.51.100/32
B. Security Group Inbound Rule: Protocol - UDP, Port Range - 22, Source 72.34.51.100/32
C. Network ACL Inbound Rule: Protocol - UDP, Port Range - 22, Source 72.34.51.100/32
D. Network ACL Inbound Rule: Protocol - TCP, Port Range - 22, Source 72.34.51.100/0
ACL rules would affect other instances in the subnet
Not necessarily – if it’s the only instance in the subnet it could’ve worked, however you’d need to think about ingress and egress traffic and none of the proposed ACL solutions would do the task at hand.