A company has several Amazon EC2 instances to both public and private subnets within a VPC that is not connected to the corporate network. A security group associated with the EC2 instances allows the company to use the Windows remote desktop protocol (RDP) over the internet to access the instances. The security team has noticed connection attempts from unknown sources. The company wants to implement a more secure solution to access the EC2 instances. Which strategy should a solutions architect implement?
A) Deploy a Linux bastion host on the corporate network that has access to all instances in the VPC.
B) Deploy AWS Systems Manager Agent on the EC2 instances. Access the EC2 instances using Session Manager restricting access to users with permission.
C) Deploy a Linux bastion host with an Elastic IP address in the public subnet. Allow access to the bastion host from 0.0.0.0/0.
D) Establish a Site-to-Site VPN connecting the corporate network to the VPC. Update the security groups to allow access from the corporate network only.
Correct Answer:
Verified
Q656: A company has an application that runs
Q657: A company has been using a third-party
Q658: A company is in the process of
Q659: A large company with hundreds of AWS
Q660: A media company has a static web
Q662: A company hosts a game player-matching service
Q663: A company has a single AWS master
Q664: A company has a web application that
Q665: An enterprise company is using a multi-account
Q666: A company is using AWS CloudFormation as
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents