AWS Certified Solutions Architect – Professional — Question 590

A user is accessing an EC2 instance on the SSH port for IP 10.20.30.40/32.
Which one is a secure way to configure that the instance can be accessed only from this IP?

Answer options

• A. In the security group, open port 22 for IP 10.20.30.40
• B. In the security group, open port 22 for IP 10.20.30.0
• C. In the security group, open port 22 for IP 10.20.30.40/32
• D. In the security group, open port 22 for IP 10.20.30.40/0

Correct answer: C

Explanation

AWS Security Groups require IP addresses to be specified in CIDR format. The /32 suffix denotes a single, specific IPv4 address, making 10.20.30.40/32 the correct and most secure configuration. Option A is incorrect because security groups require a valid CIDR block notation, and Option D contains an invalid CIDR prefix.