Knowee
Questions
Features
Study Tools

A company wants to improve its security and audit posture by limiting Amazon EC2 inbound access.What should the company use to access instances remotely instead of opening inbound SSH ports and managing SSH keys?Network ACLsEC2 key pairsAWS Identity and Access Management (IAM)AWS Systems Manager Session Manager

Question

A company wants to improve its security and audit posture by limiting Amazon EC2 inbound access.What should the company use to access instances remotely instead of opening inbound SSH ports and managing SSH keys?Network ACLsEC2 key pairsAWS Identity and Access Management (IAM)AWS Systems Manager Session Manager

🧐 Not the exact question you are looking for?Go ask a question

Solution

The company should use AWS Systems Manager Session Manager to access instances remotely instead of opening inbound SSH ports and managing SSH keys.

Here's why:

  1. AWS Systems Manager Session Manager provides secure and auditable instance management without the need to open inbound ports, maintain bastion hosts, or manage SSH keys.

  2. Session Manager allows you to manage instances through an interactive one-click browser-based shell or through the AWS CLI.

  3. Session Manager securely communicates with the instance to initiate the session, eliminating the need to open inbound ports, or to use SSH keys.

  4. It also integrates with AWS CloudTrail and CloudWatch Logs to provide logs for auditing and post-session analysis.

So, AWS Systems Manager Session Manager is the best choice for the company to improve its security and audit posture by limiting Amazon EC2 inbound access.

This problem has been solved

Similar Questions

A company's flagship application runs on a fleet of Amazon Elastic Compute Cloud (Amazon EC2) instances. As per the new policies, the system administrators are looking for the best way to provide secure shell access to Amazon Elastic Compute Cloud (Amazon EC2) instances without opening new ports or using public IP addresses. Which tool/service will help you achieve this requirement?

An e-commerce company would like to provide a secured access to AWS services for its employees. Which of the following AWS services can the company use to achieve this?Question 37Answera.AWS Direct Connectb.AWS Snowballc.Amazon S3 Transfer Acceleration (Amazon S3TA)d.AWS Identity and Access Management (IAM)

Which of these options represent best practices security measures for utilizing AWS Identity and Access Management (IAM)? (Choose TWO.)Use AWS account root user credentials for IAM tasks.Do not remove credentials, even if they are never used.Rotate credentials regularly.Enable multi-factor authentication (MFA).Use inline policies instead of customer managed policies.

A company created an Amazon EC2 instance. The company wants to control the incoming and outgoing network traffic at the instance level. Which AWS resource or service will meet this requirement?a.Security groupsb.Network Access Analyzerc.VPC endpointsd.AWS Shield

Which of the following options can be used to access and manage all AWS services (Select three)?Question 11AnswerA.AWS Software Development Kit (SDK)B.AWS Management ConsoleC.AWS Secrets ManagerD.AWS Command Line Interface (AWS CLI)E.Amazon API Gateway

1/2

Upgrade your grade with Knowee

Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.