Topic 1 Question 96
An Amazon EC2 administrator created the following policy associated with an IAM group containing several users:
What is the effect of this policy?Users can terminate an EC2 instance in any AWS Region except us-east-1.
Users can terminate an EC2 instance with the IP address 10.100.100.1 in the us-east-1 Region.
Users can terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100.100.254.
Users cannot terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100.100.254.
ユーザの投票
コメント(17)
What the policy means:
- Allow termination of any instance if user’s source IP address is 100.100.254.
- Deny termination of instances that are not in the us-east-1 Combining this two, you get: “Allow instance termination in the us-east-1 region if the user’s source IP address is 10.100.100.254. Deny termination operation on other regions.”
👍 14Joxtat2023/01/04C is correct. 0.0/24 , the following five IP addresses are reserved: 0.0: Network address. 0.1: Reserved by AWS for the VPC router. 0.2: Reserved by AWS. The IP address of the DNS server is the base of the VPC network range plus two. ... 0.3: Reserved by AWS for future use. 0.255: Network broadcast address.
👍 11Subh_fidelity2022/12/01- 正解だと思う選択肢: D
Deny overrules Allow. The first statement allows 100.100.254. but the second statement is denied which is the region us-east-1.
👍 3Ello20232023/01/15
シャッフルモード