1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Professional
  5. SAP-C02 Discussions
  6. SAP-C02 Exam Topic 12 Question 116 Discussion

Amazon Web Services AWS Certified Solutions Architect - Professional SAP-C02 Question # 116 Topic 12 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Amazon Web Services AWS Certified Solutions Architect - Professional SAP-C02 Question # 116 Topic 12 Discussion

SAP-C02 Exam Topic 12 Question 116 Discussion:
Question #: 116
Topic #: 12

A company is using AWS Control Tower to manage AWS accounts in an organization in AWS Organizations. The company has an OU that contains accounts. The company

must prevent any new or existing Amazon EC2 instances in the OUs accounts from gaining a public IP address.

Which solution will meet these requirements?
A.

Configure all instances in each account in the OU to use AWS Systems Manager. Use a Systems Manager Automation runbook to prevent public IP addressesfrom being attached to the instances.

B.

Implement the AWS Control Tower proactive control to check whether instances in the OU's accounts have a public IP address. Set theAssociatePubIicIpAddress property to False. Attach the proactive control to the OU.

C.

Create an SCP that prevents the launch of instances that have a public IP address. Additionally, configure the SCP to prevent the attachment of apublic IP address to existing instances. Attach the SCP to the OU.

D.

Create an AWS Config custom rule that detects instances that have a public IP address. Configure a remediation action that uses an AWS Lambda function to detach the public IP addresses from the instances.

Get Premium SAP-C02 Questions
Actual exam question for Amazon Web Services SAP-C02 exam by Juno2677 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next