Firewall PBQs: CompTIA Cloud+ (CV0-004)
Easy: Question 1 of 3
You are a cloud administrator reviewing the security group rules for a web application instance in a VPC. The instance serves a public-facing website over HTTPS. A security review found that SSH ingress is allowed from any source, which violates company policy. Correct the security group: keep HTTPS open to the internet, restrict SSH to the management subnet (10.0.2.0/24) only, and add a default deny rule for all other ingress traffic.
Firewall Rules
| # | Direction | Source | Port | Protocol | Action |
|---|---|---|---|---|---|
| 1 | inbound | any | 443 | tcp | allow |
| 2 | inbound | any | 22 | tcp | allow |
| 3 | inbound | any | any | any | allow |
Rules are evaluated top to bottom.
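A way to check a candidate rule set against the three requirements in the task, using the same top-to-bottom, first-match evaluation. This is an added example, not part of the original exercise: `AFTER` is one constructed rule set that meets the stated requirements, and the probe addresses and function names are assumptions.

```python
import ipaddress

# Rules are (source, port, protocol, action); "any" is a wildcard.
# BEFORE is the table from the question; AFTER is a constructed rule set
# that meets the task's requirements (an assumption, not an answer key).
BEFORE = [
    ("any", "443", "tcp", "allow"),
    ("any", "22", "tcp", "allow"),
    ("any", "any", "any", "allow"),
]
AFTER = [
    ("any", "443", "tcp", "allow"),
    ("10.0.2.0/24", "22", "tcp", "allow"),
    ("any", "any", "any", "deny"),
]

def matches(rule, src_ip, port, proto):
    source, rport, rproto, _ = rule
    if source != "any" and ipaddress.ip_address(src_ip) not in ipaddress.ip_network(source):
        return False
    if rport != "any" and int(rport) != port:
        return False
    return rproto in ("any", proto)

def evaluate(rules, src_ip, port, proto="tcp"):
    """First-match evaluation, top to bottom; no match means deny."""
    for rule in rules:
        if matches(rule, src_ip, port, proto):
            return rule[3]
    return "deny"

# Constructed probes: (description, source IP, port, action the policy requires)
PROBES = [
    ("HTTPS from internet", "203.0.113.10", 443, "allow"),
    ("SSH from management subnet", "10.0.2.15", 22, "allow"),
    ("SSH from internet", "203.0.113.10", 22, "deny"),
    ("SSH from another internal subnet", "10.0.3.15", 22, "deny"),
    ("Other port from internet", "203.0.113.10", 3306, "deny"),
]

def audit(rules):
    """Return the descriptions of probes whose result violates the policy."""
    return [d for d, ip, port, want in PROBES if evaluate(rules, ip, port) != want]

if __name__ == "__main__":
    print("before:", audit(BEFORE))
    print("after: ", audit(AFTER))
```

Because evaluation stops at the first match, moving the deny rule above the HTTPS rule would block the website, so the catch-all deny belongs last.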

