System manager & EventBridge Flashcards
A security audit reveals that some security groups used by a company allow inbound SSH traffic from 0.0.0.0/0. The company’s system administrator must identify the affected security groups and implement an automated solution that blocks open public-facing SSH ports.
Which solution meet the requirements?
Use the restricted-ssh AWS Config managed rule. Create a remediation action using an AWS System Manager automation document that revokes ingress rules that allow SSH traffic from the public.
NOT COMPLIANCE document
Compliance is a feature of System Manager that is used to scan your fleet of managed nodes for patch compliance and configuration inconsistencies.
A startup plans to deploy hundreds of Raspberry Pi devices on all floors of a government building. All of the single-board devices must have consistent configuration settings and must be managed centrally.
Which of the following is the MOST suitable service to use in this scenario?
AWS Systems Manager.
NOT AWS SAM is incorrect because this is simply an open-source framework for building serverless applications.