No Result
View All Result
IT Quesion Library
Contribute
No Result
View All Result
No Result
View All Result

An organization hosts an app on EC2 instances which multiple developers need access to in order to perform updates. The organization plans to implement some security best practices related to instance access. Which one of the following recommendations will not help improve its security in this way?

QuestionsCategory: SAP-C01An organization hosts an app on EC2 instances which multiple developers need access to in order to perform updates. The organization plans to implement some security best practices related to instance access. Which one of the following recommendations will not help improve its security in this way?
0 Vote Up Vote Down
Admin Staff asked 4 months ago 
An organization hosts an app on EC2 instances which multiple developers need access to in order to perform updates.
The organization plans to implement some security best practices related to instance access.
Which one of the following recommendations will not help improve its security in this way?

A. Disable the password based login for all the users. All the users should use their own keys to connect with the instance securely.

B. Create an IAM policy allowing only IAM users to connect to the EC2 instances with their own SSH key.

C. Create a procedure to revoke the access rights of the individual user when they are not required to connect to EC2 instance anymore for the purpose of application configuration.

D. Apply the latest patch of OS and always keep it updated.








 

Suggested Answer: B

Community Answer: B

Since AWS is a public cloud any application hosted on EC2 is prone to hacker attacks. It becomes extremely important for a user to setup a proper security mechanism on the EC2 instances. A few of the security measures are listed below:
✑ Always keep the OS updated with the latest patch
✑ Always create separate users with in OS if they need to connect with the EC2 instances, create their keys and disable their password
✑ Create a procedure using which the admin can revoke the access of the user when the business work on the EC2 instance is completed. . Lock down unnecessary ports
✑ Audit any proprietary applications that the user may be running on the EC2 instance. Provide temporary escalated privileges, such as sudo for users who need to perform occasional privileged tasks
IAM is useful when users are required to work with AWS resources and actions, such as launching an instance. It is not useful in this case because it does not manage who can connect via RDP or SSH with an instance.
Reference:
http://aws.amazon.com/articles/1233/


This question is in SAP-C01 AWS Certified Solutions Architect – Professional Exam
For getting AWS Certified Solutions Architect – Professional Certificate



Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.
Question Tags:

Related Questions

Recommended

No Result
View All Result

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In