Register
An organization runs several EC2 instances inside a VPC using three subnets, one for Development, one for Test and one for Production. The Security team has some concerns about the VPC configuration and
100k views
4 votes
An organization runs several EC2 instances inside a VPC using three subnets, one for Development, one for Test and one for Production. The Security team has some concerns about the VPC configuration and requires to restrict the communication across the EC2 instances using Security Groups.

Which of the following options is true for Security Groups?
B. You can change a Security Group associated to an instance if the instance state is stopped but not if the instance state is running.
A. You can change a Security Group associated to an instance if the instance state is stopped or running.
D. The only Security Group you can change is the Default Security Group.
E. None of the above
C. You can change a Security Group only if there are no instances associated to it.

User The Time
by
7.2k points

1 Answer

4 votes

Final answer:

Security Groups in AWS can be changed for an EC2 instance whether it is running or stopped. There is no requirement to stop the instance to update its Security Groups, and you can modify any Security Group, not just the default one.

Step-by-step explanation:

In Amazon Web Services (AWS), specifically regarding Elastic Compute Cloud (EC2) instances and Virtual Private Cloud (VPC) configurations, Security Groups act as a virtual firewall to control inbound and outbound traffic. One of the key features of Security Groups is their flexibility. The correct statement about Security Groups in this case is:

Option A: You can change a Security Group associated to an instance whether the instance state is stopped or running. This means that you can modify which Security Groups are associated with an EC2 instance at any time, without any requirement to stop the instance first. This is useful for quickly applying updates or changes to your security configuration without causing downtime. It's important to ensure that the modifications you make to Security Groups allow for the necessary communications while still enforcing your security policies.

Options B, C, and D are incorrect. You do not need to stop instances to change Security Groups, you can modify Security Groups regardless of instance associations, and you can change any Security Group, not just the default one.

User Masquerade
by
7.9k points
Ask a Question
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.

8.8m questions

11.4m answers

Other Questions

“What does it mean when we “rework” copyrighted material?”
The book shows how to add and subtract binary and decimal numbers. However, other numbering systems are also very popular when dealing with computers. The octal (base 8) numbering system is one of these.
Seven basic internal components found in a computer tower
Please help me ! All you do is just put it it all in your own words ! Please this is for my reported card!i don't know how to put it in my own words because my English is not that good!
describe an advance in technology that makes life more enjoyable. what discoveries contribute to this technology?
Link Copied!