System manager & EventBridge Flashcards

1
Q

A security audit reveals that some security groups used by a company allow inbound SSH traffic from 0.0.0.0/0. The company’s system administrator must identify the affected security groups and implement an automated solution that blocks open public-facing SSH ports.

Which solution meet the requirements?

A

Use the restricted-ssh AWS Config managed rule. Create a remediation action using an AWS System Manager automation document that revokes ingress rules that allow SSH traffic from the public.

NOT COMPLIANCE document
Compliance is a feature of System Manager that is used to scan your fleet of managed nodes for patch compliance and configuration inconsistencies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A startup plans to deploy hundreds of Raspberry Pi devices on all floors of a government building. All of the single-board devices must have consistent configuration settings and must be managed centrally.

Which of the following is the MOST suitable service to use in this scenario?

A

AWS Systems Manager.

NOT AWS SAM is incorrect because this is simply an open-source framework for building serverless applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly