AWS Certified Solutions Architect – Professional — Question 31

Your system recently experienced down time during the troubleshooting process. You found that a new administrator mistakenly terminated several production
EC2 instances.
Which of the following strategies will help prevent a similar situation in the future?
The administrator still must be able to:
✑ launch, start stop, and terminate development resources.
✑ launch and start production instances.

Answer options

• A. Create an IAM user, which is not allowed to terminate instances by leveraging production EC2 termination protection.
• B. Leverage resource based tagging, along with an IAM user which can prevent specific users from terminating production, EC2 resources.
• C. Leverage EC2 termination protection and multi-factor authentication, which together require users to authenticate before terminating EC2 instances
• D. Create an IAM user and apply an IAM role which prevents users from terminating production EC2 instances.

Correct answer: C

Explanation

The correct answer is C because it combines EC2 termination protection with multi-factor authentication, ensuring that users must verify their identity before they can terminate instances, thereby adding an extra layer of security. Options A, B, and D do not fully prevent termination without additional verification, leaving production instances vulnerable to accidental termination.