Which combination of actions will allow the company to conduct forensic analysis on the EC2 instance without compromising forensic data?
(Choose three.)
Update the EC2 instance security group to add a rule that allows outbound traffic on port 443 for 0.0.0.0/0.
Update the EC2 instance security group to add a rule that allows inbound traffic on port 443 to the VPC’s CIDR range.
Create an EC2 key pair. Associate the key pair with the EC2 instance.
Create a VPC interface endpoint for Systems Manager in the VPC where the EC2 instance is located.
Attach a security group to the VPC interface endpoint. Allow inbound traffic on port 443 to the VPC’s CIDR range.
Create a VPC interface endpoint for the EC2 instance in the VPC where the EC2 instance is located.
Explanations:
Adding an outbound rule for port 443 (HTTPS) allows the EC2 instance to communicate with the Systems Manager service for Session Manager access.
Inbound traffic on port 443 to the VPC’s CIDR is not necessary for Systems Manager to work, as the communication is initiated by the EC2 instance.
An EC2 key pair is used for SSH or RDP access, not for Systems Manager access. SSM uses the SSM Agent for communication, not a key pair.
A VPC interface endpoint for Systems Manager is required to enable SSM communication within the VPC, especially when there is no internet gateway.
Attaching a security group to the VPC interface endpoint and allowing inbound traffic on port 443 ensures proper communication for SSM.
VPC interface endpoints are for service access (like SSM) to/from the EC2 instance, not for the EC2 instance itself.
I conclude that the answer is:
Update the EC2 instance security group to add a rule that allows outbound traffic on port 443 for 0.0.0.0/0.