A security engineer is attempting to ping an Amazon EC2 instance from an on-premises host within a company's VPC. However, the ping command is not returning a response. What should be done to enable successful ping communication between the on-premises host and the EC2 instance?

Exam-Like

Explanation:

The correct answer is A: In the security group of the EC2 instance, allow inbound ICMP traffic. The reason is that security groups are stateful, meaning that if you allow inbound ICMP traffic, the response traffic will also be automatically allowed. NACLs (Network ACLs) are stateless, meaning you would need to create rules for both inbound and outbound traffic; however, typically issues with ICMP traffic not being allowed are due to security group configurations not permitting inbound traffic. Therefore, ensuring that the security group allows inbound ICMP traffic should resolve the issue.

Powered ByGPT-5

AWS Certified Security - Specialty

Get started today

AWS Certified Security - Specialty

Get started today

A security engineer is attempting to ping an Amazon EC2 instance from an on-premises host within a company's VPC. However, the ping command is not returning a response. What should be done to enable successful ping communication between the on-premises host and the EC2 instance?