AmazonAmazon
SOA-C02 · Question #375
SOA-C02 Question #375: Real Exam Question with Answer & Explanation
The correct answer is C: Activate the AWS Config restricted-ssh managed rule. Add automatic remediation to the AWS. https://docs.aws.amazon.com/config/latest/developerguide/restricted-ssh.html
Submitted by tunde_lagos· Mar 30, 2026
Question
A company has a compliance requirement that no security groups can allow SSH ports to be open to all IP addresses. A SysOps administrator must implement a solution that will notify the company's SysOps team when a security group rule violates this requirement. The solution also must remediate the security group rule automatically. Which solution will meet these requirements?
Options
- ACreate an Amazon EventBridge (Amazon CloudWatch Events) rule that invokes an AWS Lambda
- BCreate an AWS CloudTrail metric filter for security group changes. Create an Amazon
- CActivate the AWS Config restricted-ssh managed rule. Add automatic remediation to the AWS
- DCreate an AWS CloudTrail metric filter for security group changes. Create an Amazon
Explanation
https://docs.aws.amazon.com/config/latest/developerguide/restricted-ssh.html
Community Discussion
No community discussion yet for this question.