Topic 1 Question 246
A company is testing incident response procedures for destination containment. The company needs to contain a critical Amazon EC2 instance as quickly as possible while keeping the EC2 instance running. The EC2 instance is the only resource in a public subnet and has active connections to other resources.
Which solution will contain the EC2 instance IMMEDIATELY?
A. Create a new security group that has no inbound rules or outbound rules. Attach the new security group to the EC2 instance.
B. Configure the existing security group for the EC2 instance. Remove all existing inbound rules and outbound rules from the security group.
C. Create a new network ACL that has a single Deny rule for inbound traffic and outbound traffic. Associate the new network ACL with the subnet that contains the EC2 instance.
D. Create a new VPC for isolation. Stop the EC2 instance. Create a new AMI from the EC2 instance. Use the new AMI to launch a new EC2 instance in the new VPC.
Comments (7)
- Selected answer: C
NACL is stateless and will have an immediate isolation effect, while SGs will continue to let connections be until they end. We don't care about other EC2s in the subnet because there aren't any.
👍 2 723993f 2024/11/25
- Selected answer: A
When you need to immediately contain an EC2 instance while keeping it running, applying a security group with no inbound or outbound rules is the fastest and most effective way to isolate the instance.
👍 2 HappyG 2024/11/30
- Selected answer: C
Given that there are no other resources in the subnet apart from the EC2 instance, the most immediate and effective way to contain the instance while keeping it running is:
C. Create a new network ACL that has a single Deny rule for inbound traffic and outbound traffic. Associate the new network ACL with the subnet that contains the EC2 instance.
This approach will instantly isolate the EC2 instance from the network by denying all inbound and outbound traffic at the subnet level, ensuring no accidental connections can be made.
👍 2 IPLogic 2024/12/05
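
The network ACL swap that option C and the comments above describe, written out with the AWS CLI as an added example (not part of the original page or its comments). The helper name `contain_subnet`, rule number 100 and the output line format are assumptions; the VPC and subnet IDs are supplied by the caller.

```bash
# Added example, not from the original page. contain_subnet is a hypothetical
# helper; rule number 100 and the output format are assumptions.
# Usage: contain_subnet <vpc-id> <subnet-id>
contain_subnet() {
  local vpc_id="$1" subnet_id="$2"
  local assoc old_assoc_id old_acl_id new_acl_id new_assoc_id direction

  # Record the current association first so the change can be reverted later.
  assoc=$(aws ec2 describe-network-acls \
    --filters "Name=association.subnet-id,Values=${subnet_id}" \
    --query "NetworkAcls[0].Associations[?SubnetId=='${subnet_id}'] | [0].[NetworkAclAssociationId,NetworkAclId]" \
    --output text) || return 1
  read -r old_assoc_id old_acl_id <<EOF
$assoc
EOF
  # The CLI prints "None" when the subnet was not found.
  [ -n "$old_assoc_id" ] && [ "$old_assoc_id" != "None" ] || return 1

  # A new custom network ACL already denies everything through its default
  # "*" rules; the explicit entries mirror the single Deny rule in option C.
  new_acl_id=$(aws ec2 create-network-acl --vpc-id "$vpc_id" \
    --query 'NetworkAcl.NetworkAclId' --output text) || return 1
  for direction in --ingress --egress; do
    aws ec2 create-network-acl-entry --network-acl-id "$new_acl_id" \
      "$direction" --rule-number 100 --protocol -1 \
      --rule-action deny --cidr-block 0.0.0.0/0 >/dev/null || return 1
  done

  # Containment step: swap the subnet's association to the deny-all ACL.
  # Network ACLs are stateless, so every packet is checked against it.
  new_assoc_id=$(aws ec2 replace-network-acl-association \
    --association-id "$old_assoc_id" --network-acl-id "$new_acl_id" \
    --query 'NewAssociationId' --output text) || return 1

  # Print what the incident record and a later rollback need.
  printf 'previous_acl=%s containment_acl=%s association=%s\n' \
    "$old_acl_id" "$new_acl_id" "$new_assoc_id"
}
```

Rolling back is the same `replace-network-acl-association` call, given the printed association ID and the previous ACL ID.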