New Year Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Associate
  5. SOA-C03 Discussions
  6. SOA-C03 Exam Topic 3 Question 27 Discussion

Amazon Web Services AWS Certified CloudOps Engineer - Associate SOA-C03 Question # 27 Topic 3 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous

Amazon Web Services AWS Certified CloudOps Engineer - Associate SOA-C03 Question # 27 Topic 3 Discussion

SOA-C03 Exam Topic 3 Question 27 Discussion:
Question #: 27
Topic #: 3

A company runs applications on Amazon EC2 instances. The company wants to ensure that SSH ports on the EC2 instances are never open. The company has enabled AWS Config and has set up the restricted-ssh AWS managed rule.

A CloudOps engineer must implement a solution to remediate SSH port access for noncompliant security groups.

What should the engineer do to meet this requirement with the MOST operational efficiency?
A.

Configure the AWS Config rule to identify noncompliant security groups. Configure the rule to use the AWS-PublishSNSNotification AWS Systems Manager Automation runbook to send notifications about noncompliant resources.

B.

Configure the AWS Config rule to identify noncompliant security groups. Configure the rule to use the AWS-DisableIncomingSSHOnPort22 AWS Systems Manager Automation runbook to remediate noncompliant resources.

C.

Make an AWS Config API call to search for noncompliant security groups. Disable SSH access for noncompliant security groups by using a Deny rule.

D.

Configure the AWS Config rule to identify noncompliant security groups. Manually update each noncompliant security group to remove the Allow rule.

Get Premium SOA-C03 Questions
Actual exam question for Amazon Web Services SOA-C03 exam by Rael1752 at Jan 9, 2026, 4:49:40 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous