Answer-first summary for fast verification
Answer: Allow port 443 from source 0.0.0.0/0., Allow port 22 from 192.168.100.0/24.
To ensure secure access to the EC2 instance, port 443 (HTTPS) must be open to all traffic (0.0.0.0/0) to allow public access to the website. This is covered by option B. For management access using SSH, it is more secure to restrict it to the management subnet (192.168.100.0/24) rather than allowing access from everywhere. This is covered by option C. Therefore, the correct answers are B and C.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A company operates a public-facing website on an Amazon EC2 instance that requires HTTPS access. The instance is managed via SSH, and it resides within a specific subnet for the website (10.0.1.0/24) and another subnet for management purposes (192.168.100.0/24). As a security engineer tasked with configuring the security group for this EC2 instance, which two actions would you take to ensure the most secure setup? (Select two options.)
A
Allow port 22 from source 0.0.0.0/0.
B
Allow port 443 from source 0.0.0.0/0.
C
Allow port 22 from 192.168.100.0/24.
D
Allow port 22 from 10.0.1.0/24.
E
Allow port 443 from 10.0.1.0/24.
No comments yet.