AWS Certified SysOps Administrator SOA-C01 – Question536

An Amazon EC2 instance is in a private subnet. To SSH to the instance, it is required to use a bastion host that has an IP address of 10.0.0.5. SSH logs on the EC2 instance in the private subnet show that connections are being made over SSH from several other IP addresses. The EC2 instance currently has the following inbound security group rules applied:
Protocol: TCP
Port: 22
Source: 10.0.0.5/32
Protocol: TCP
Port: 22
Source: sg-xxxxxxxx
Protocol: TCP
Port: 389
Source: 0.0.0.0/0
What is the MOST likely reason that another IP addresses is able to SSH to the EC2 instance?

A.
The rule with 0.0.0.0/0 means SSH is open for any client to connect
B. The rule with /32 is not limiting to a single IP address
C. Any instance belonging to sg-xxxxxxxx is allowed to connect
D. There is an outbound rule allowing SSH traffic

Correct Answer: C