AWS Certified Solutions Architect – Professional — Question 55

An organization hosts an app on EC2 instances which multiple developers need access to in order to perform updates.
The organization plans to implement some security best practices related to instance access.
Which one of the following recommendations will not help improve its security in this way?

Answer options

• A. Disable the password based login for all the users. All the users should use their own keys to connect with the instance securely.
• B. Create an IAM policy allowing only IAM users to connect to the EC2 instances with their own SSH key.
• C. Create a procedure to revoke the access rights of the individual user when they are not required to connect to EC2 instance anymore for the purpose of application configuration.
• D. Apply the latest patch of OS and always keep it updated.

Correct answer: B

Explanation

Option B is incorrect because allowing only IAM users to connect with their SSH keys does not specifically enhance security; it merely maintains the existing access method. Options A, C, and D all contribute to improved security: disabling password logins reduces attack vectors, revoking access rights prevents unauthorized access, and applying OS patches protects against vulnerabilities.