Which AWS service can be used to accomplish this goal?

By: study aws cloud

Tagged: Cloud Practitioner

With: 2 Comments

A user wants to identify any security group that is allowing unrestricted incoming SSH traffic.

Which AWS service can be used to accomplish this goal?

Amazon Cognito

AWS Shield

Amazon Macie

AWS Trusted Advisor

Explanations:

Amazon Cognito is a service for user authentication and management, and it does not provide functionality for monitoring or analyzing security groups or their rules.

AWS Shield is a managed DDoS protection service that helps protect applications from distributed denial of service attacks, but it does not assess security group configurations or identify unrestricted SSH traffic.

Amazon Macie is a data security and privacy service that uses machine learning to discover and protect sensitive data. It does not focus on analyzing security group settings or network traffic rules.

AWS Trusted Advisor provides real-time guidance to help you provision your resources following AWS best practices. One of its checks includes identifying security groups that allow unrestricted access to specific ports, including SSH, making it the appropriate service for this task.

Previous Post: Which benefit of cloud computing gives a company the ability to deploy applications to users all over the world through a network of AWS Regions, Availability Zones, and edge locations?

Next Post: Which solutions meet these requirements?

2 Comments

Author

It seems to me that the answer is:
AWS Trusted Advisor

Kathy

5 months ago

Permalink

Reply
Author

It appears that the answer is:
AWS Trusted Advisor

Peter

2 hours ago

Permalink

Reply

Leave a Reply Cancel reply