What changes can be made to this security group that would offer the users LEAST privilege?

– by 1

A Solutions Architect is concerned that the current security group rules for a database tier are too permissive and may permit requests that should be restricted.
Below are the current security group permissions for the database tier: Protocol: TCP
Port Range: 1433 (MS SQL)
Source: ALL
Currently, the only identified resource that needs to connect to the databases is the application tier consisting of an Auto Scaling group of EC2 instances.
What changes can be made to this security group that would offer the users LEAST privilege?
A. Change the source to -1 to remove source IP addresses previously unseen.
B. Change the source to the VPC CIDR block.
C. Change the source to the application instances IDs.
D. Change the source to the security group ID attached to the application instances.

How To Pass SAA-C02 Exam?

Amazon SAA-C02 PDF dumps.

High quality SAA-C02 pdf and software. VALID exam to help you pass.
amazon-exams

One thought on “What changes can be made to this security group that would offer the users LEAST privilege?

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.