Modify Security Rules for Accessing EC2 Instance | AWS Certified SysOps Administrator - Associate Exam

Correct Answers: B and D.

Such as example is also mentioned in the AWS Documentation.

Since users from all over the world need access to the web application, you need to ensure that the source IP range needs to be 0.0.0.0/0 and not 10.0.0.0/16.

And if you want to SSH into the instance from an IP, it needs to be 20.90.6.7/32 and not the internet.

For more information on using Network Security, please refer to the below URL-

To modify the security rules so that users from around the world can access the application, an inbound security rule needs to be added to allow incoming traffic on port 80 from any source IP address. This can be accomplished by adding an inbound security rule with port 80 and source IP 0.0.0.0/0. Option B is correct: Add an Inbound Security Rule of port(80) and Source IP as 0.0.0.0/0.

To allow SSH access from the specified IP address, an inbound security rule needs to be added to allow incoming traffic on port 22 from the specified IP address. This can be accomplished by adding an inbound security rule with port 22 and source IP 20.90.6.7/32. Option D is correct: Add an Inbound Security Rule of port(22) and Source IP as 20.90.6.7/32.

Options A and C are not correct. Option A allows incoming traffic on port 80 only from within the VPC, which would not allow users from around the world to access the application. Option C allows SSH access from any source IP address, which would be a security risk.