PrepAway - Latest Free Exam Questions & Answers

Which of the following cannot be used in Amazon EC2 to control who has access to specific Amazon EC2 instances

Which of the following cannot be used in Amazon EC2 to control who has access to specific Amazon EC2
instances?

PrepAway - Latest Free Exam Questions & Answers

A.
Security Groups

B.
IAM System

C.
SSH keys

D.
Windows passwords

25 Comments on “Which of the following cannot be used in Amazon EC2 to control who has access to specific Amazon EC2 instances

  1. RC says:

    IAM is used to control the access on AWS resources for IAM/Account users. It does NOT handle the access control on any type of instances (DB or compute on any other)




    0



    0
  2. Khaled says:

    A.
    Security Groups

    is the correct answer, security Groups defined what can be access (services) not Who

    B. IAM System (where you can create all users and role) so it is about who and what

    C. SSH keys is is Who

    D. Windows passwords this is also Who.




    2



    0
  3. Magwif says:

    I am with Khaled on this one the question asks WHO can access EC2 instances

    Security group is a firewall that controls traffic not users

    this link has already been posted but here it is again
    http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UsingIAM.html

    A security group acts as a firewall that controls the traffic allowed to reach one or more instances. When you launch an instance, you assign it one or more security groups. You add rules to each security group that control traffic for the instance. You can modify the rules for a security group at any time; the new rules are automatically applied to all instances to which the security group is assigned.

    Answer: A




    0



    0
  4. Duck bro says:

    B
    By using IAM with Amazon EC2, you can control whether users in your organization can perform a task using specific Amazon EC2 API actions and whether they can use specific AWS resources.
    IAM allows to control only what actions a user can perform on the EC2 resources but cannot be used to grant access for users to be able to access or login to the instances




    1



    0
  5. Amit says:

    B is correct, Your EC2 instance can be accessed by anyone who doesn’t even have any user in AWS but has the Private Key.

    IAM system is required to offer privilidges of the console , API or CLI on what you can do with AWS services itself.




    0



    1
  6. Zane says:

    A is the correct answer. A security group secures an instance at the port and protocol level. Security groups don’t have the ability to secure against specific people, only specific ports and protocols.




    0



    0
  7. Halloween says:

    I understand why people pick B, because of what is written in the “IAM_UseCases” link.

    But I want to know why they say that Security Groups can be used to control “who” has access to the operating system.

    A Security Group can only control “from what IP address” they can have access to the instance.




    0



    0
  8. Raka says:

    Question targets the options which cannot control access to EC2 instances.
    IAM system is only to control who can access the EC2 service for commissioning.
    It cannot control who can login to the EC2 instance, which is control by
    Security groups – can define who can access to the system. Entries missing are implicit deny.
    SSH keys – to be able to login to the Instance
    Windows Password – for windows instances as it needs a password

    Source: http://jayendrapatil.com/aws-ec2-security/




    0



    0

Leave a Reply

Your email address will not be published. Required fields are marked *