AWS Certified SysOps Administrator – Associate — Question 218

A SysOps administrator launches an Amazon EC2 instance in a private subnet of a VPC. When the SysOps administrator attempts a curl command from the command line of the EC2 instance, the SysOps administrator cannot connect to https:www.example.com.

What should the SysOps administrator do to resolve this issue?

Answer options

• A. Ensure that there is an outbound security group for port 443 to 0.0.0.0/0.
• B. Ensure that there is an inbound security group for port 443 from 0.0.0.0/0.
• C. Ensure that there is an outbound network ACL for ephemeral ports 1024-66535 to 0.0.0.0/0.
• D. Ensure that there is an outbound network ACL for port 80 to 0.0.0.0/0.

Correct answer: A

Explanation

The correct answer is A because outbound rules are needed to allow the EC2 instance to make HTTPS requests on port 443. Option B is incorrect since inbound rules control incoming traffic, which is not relevant for outgoing requests. Options C and D are also incorrect as they focus on ephemeral ports and HTTP traffic, respectively, neither of which resolve the HTTPS connectivity issue.