AWS Certified Solutions Architect – Professional SAP-C01 – Question306 - AWS Certified Solutions Architect

A user is accessing an EC2 instance on the SSH port for IP 10.20.30.40/32.
Which one is a secure way to configure that the instance can be accessed only from this IP?

A. In the security group, open port 22 for IP 10.20.30.40
B. In the security group, open port 22 for IP 10.20.30.0
C. In the security group, open port 22 for IP 10.20.30.40/32
D. In the security group, open port 22 for IP 10.20.30.40/0

Correct Answer: C

Explanation:

Explanation: In AWS EC2, while configuring a security group, the user needs to specify the IP address in CIDR notation. The CIDR IP range 10.20.30.40/32 says it is for a single IP 10.20.30.40. If the user specifies the IP as 10.20.30.40 only, the security group will not accept and ask for it in a CIDR format.
Reference:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-se…