A customer is running a multi-tier web application farm in a virtual private cloud (VPC) that is not connected to their corporate network. They are connecting to the VPC over the Internet to manage all of their Amazon EC2 instances running in both the public and private subnets. They have only authorized the bastion-security-group with Microsoft Remote Desktop Protocol (RDP) access to the application instance security groups, but the company wants to further limit administrative access to all of the instances in the VPC. Which of the following Bastion deployment scenarios will meet this requirement?
A. Deploy a Windows Bastion host on the corporate network that has RDP access to all instances in the VPC,
B. Deploy a Windows Bastion host with an Elastic IP address in the public subnet and allow SSH access to the
bastion from anywhere.
C. Deploy a Windows Bastion host with an Elastic IP address in the private subnet, and restrict RDP access to
the bastion from only the corporate public IP addresses.
D. Deploy a Windows Bastion host with an auto-assigned Public IP address in the public subnet, and allow RDP access to the bastion from only the corporate public IP addresses.
Answer: D. Deploy a Windows Bastion host with an auto-assigned Public IP address in the public subnet, and allow RDP access to the bastion from only the corporate public IP addresses.
You might also like to view...
When you want to use a function in your program, you would make a function __________.
Fill in the blank(s) with the appropriate word(s).
What is Min-height?
What will be an ideal response?
In the AVERAGEIFS function, the Average range argument contains the values to be averaged
Indicate whether the statement is true or false.
The tabs on the Ribbon organize the commands into related tasks.
Answer the following statement true (T) or false (F)