Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam ANS-C01 Topic 3 Question 28 Discussion

Actual exam question for Amazon's ANS-C01 exam
Question #: 28
Topic #: 3
[All ANS-C01 Questions]

A company needs to manage Amazon EC2 instances through command line interfaces for Linux hosts and Windows hosts. The EC2 instances are deployed in an environment in which there is

no route to the internet. The company must implement role-based access control for management of the instances. The company has a standalone on-premises environment.

Which approach will meet these requirements with the LEAST maintenance overhead?

Show Suggested Answer Hide Answer
Suggested Answer: B

The correct approach is to use AWS Systems Manager Session Manager, which allows you to manage your EC2 instances through a secure and browser-based interface. By deploying and configuring SSM Agent on each instance, you can enable Session Manager to communicate with the instances. By deploying VPC endpoints for Session Manager, you can enable the instances to connect to the AWS service without requiring an internet gateway, NAT device, or VPN connection. You can also use IAM policies and SSM documents to implement role-based access control for managing the instances. This approach has the least maintenance overhead, as it does not require any additional infrastructure or configuration.


by Pamella at Jun 01, 2024, 08:51 PM

Limited Time Offer

25%

Off

Get Premium ANS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Jeannetta
11 months ago
I don't know, I'm kind of leaning towards C. Site-to-Site VPN might be a bit more work, but it seems more secure than using an intermediary appliance.
upvoted 0 times
Jerry
10 months ago
B) Deploy and configure AWS Systems Manager Agent (SSM Agent) on each instance. Deploy VPC endpoints for Systems Manager Session Manager. Connect to the instances by using Session Manager.
upvoted 0 times
...
Bok
10 months ago
C) Establish an AWS Site-to-Site VPN connection between the on-premises environment and the VPC where the instances are deployed. Configure routing, security groups, and ACLs. Connect to the instances by using the Site-to-Site VPN connection.
upvoted 0 times
...
...
Nan
12 months ago
Haha, D is just asking for trouble. Exposing an appliance to the public internet? No thank you, I'll pass on that one.
upvoted 0 times
Micah
11 months ago
C) Establish an AWS Site-to-Site VPN connection between the on-premises environment and the VPC where the instances are deployed. Configure routing, security groups, and ACLs. Connect to the instances by using the Site-to-Site VPN connection.
upvoted 0 times
...
Oliva
11 months ago
B) Deploy and configure AWS Systems Manager Agent (SSM Agent) on each instance. Deploy VPC endpoints for Systems Manager Session Manager. Connect to the instances by using Session Manager.
upvoted 0 times
...
France
11 months ago
A) Set up an AWS Direct Connect connection between the on-premises environment and the VPC where the instances are deployed. Configure routing, security groups, and ACLs. Connect to the instances by using the Direct Connect connection.
upvoted 0 times
...
...
Iraida
12 months ago
Agreed, B is the best choice here. Maintaining the AWS Direct Connect or VPN connection would be a headache in an environment with no internet access.
upvoted 0 times
Nu
11 months ago
Agreed, B is the best choice here. Maintaining the AWS Direct Connect or VPN connection would be a headache in an environment with no internet access.
upvoted 0 times
...
Rana
11 months ago
C) Establish an AWS Site-to-Site VPN connection between the on-premises environment and the VPC where the instances are deployed. Configure routing, security groups, and ACLs. Connect to the instances by using the Site-to-Site VPN connection.
upvoted 0 times
...
Jerlene
12 months ago
B) Deploy and configure AWS Systems Manager Agent (SSM Agent) on each instance. Deploy VPC endpoints for Systems Manager Session Manager. Connect to the instances by using Session Manager.
upvoted 0 times
...
...
Jesus
1 years ago
Option B seems like the way to go. Systems Manager Agent and Session Manager make it easier to manage the instances without a direct internet connection.
upvoted 0 times
Matt
11 months ago
Option B is definitely the most efficient choice. Systems Manager Agent and Session Manager simplify management without needing internet access.
upvoted 0 times
...
Raina
11 months ago
Definitely, it's a convenient solution that requires less maintenance overhead compared to the other options.
upvoted 0 times
...
Alyce
11 months ago
I agree, using Systems Manager Agent and Session Manager seems like the most efficient option for managing the instances without internet access.
upvoted 0 times
...
Yvonne
11 months ago
B) Deploy and configure AWS Systems Manager Agent (SSM Agent) on each instance. Deploy VPC endpoints for Systems Manager Session Manager. Connect to the instances by using Session Manager.
upvoted 0 times
...
Kimberely
11 months ago
B) Deploy and configure AWS Systems Manager Agent (SSM Agent) on each instance. Deploy VPC endpoints for Systems Manager Session Manager. Connect to the instances by using Session Manager.
upvoted 0 times
...
Elizabeth
12 months ago
User2
upvoted 0 times
...
Lorean
12 months ago
User1
upvoted 0 times
...
...
Miesha
1 years ago
I agree with Chaya. Using Systems Manager Session Manager seems like the easiest solution.
upvoted 0 times
...
Chaya
1 years ago
I think option B is the best approach.
upvoted 0 times
...

Save Cancel