Firewall PBQs: AWS Certified Security - Specialty (SCS-C03)
Easy: Question 1 of 3
A security audit has flagged the security group attached to an EC2 instance running a public-facing web application in a VPC. The instance should only accept HTTPS traffic from the internet and SSH access from the admin subnet (10.0.1.0/24). Currently, SSH is open to the world and there is no default deny rule. Review the current rules and correct the misconfigurations.
Firewall Rules
| # | Direction | Source | Port | Protocol | Action |
|---|---|---|---|---|---|
| 1 | inbound | any | 443 | tcp | allow |
| 2 | inbound | any | 22 | tcp | allow |
Rules are evaluated top to bottom.
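The exercise's model (an ordered rule list where the first match wins) can be checked mechanically. The Python below is an added example, not part of the original exercise: it runs sample connections against the two rules in the table and against one constructed rule set that meets the stated requirements. The tuple layout, function names and sample addresses are assumptions.

```python
import ipaddress

# Rule tuple: (direction, source CIDR or "any", port or "any", protocol or "any", action)
CURRENT = [  # the two rules shown in the exercise table
    ("inbound", "any", 443, "tcp", "allow"),
    ("inbound", "any", 22, "tcp", "allow"),
]
FIXED = [  # constructed: one rule set that meets the stated requirements
    ("inbound", "any", 443, "tcp", "allow"),
    ("inbound", "10.0.1.0/24", 22, "tcp", "allow"),
    ("inbound", "any", "any", "any", "deny"),
]

def evaluate(rules, src_ip, port, proto="tcp", direction="inbound"):
    """Return the action of the first matching rule, or None if nothing matches."""
    addr = ipaddress.ip_address(src_ip)
    for r_dir, r_src, r_port, r_proto, action in rules:
        if r_dir != direction:
            continue
        if r_src != "any" and addr not in ipaddress.ip_network(r_src):
            continue
        if r_port != "any" and r_port != port:
            continue
        if r_proto != "any" and r_proto != proto:
            continue
        return action
    return None

# (description, source IP, port, expected action); addresses are constructed samples
CHECKS = [
    ("HTTPS from the internet", "203.0.113.10", 443, "allow"),
    ("SSH from the admin subnet", "10.0.1.25", 22, "allow"),
    ("SSH from the internet", "203.0.113.10", 22, "deny"),
    ("SSH from another internal subnet", "10.0.2.25", 22, "deny"),
    ("HTTP from the internet", "203.0.113.10", 80, "deny"),
]

def audit(rules):
    """Return the checks whose first-match result differs from the expectation."""
    findings = []
    for desc, ip, port, expected in CHECKS:
        got = evaluate(rules, ip, port)
        if got != expected:
            findings.append(f"{desc}: expected {expected}, got {got or 'no matching rule'}")
    return findings

if __name__ == "__main__":
    for name, rules in (("current", CURRENT), ("fixed", FIXED)):
        print(name, audit(rules) or "all checks pass")
```

Moving the catch-all deny above the allow rules makes every check that expects `allow` fail, which is why rule order matters in this model.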

