AWS Certified SysOps Administrator – Associate (legacy) — Question 493

A SysOps Administrator is responsible for maintaining an Amazon EC2 instance that acts as a bastion host. The Administrator can successfully connect to the instance using SSH, but attempts to ping the instance result in a timeout.
What is one reason for the issue?

Answer options

• A. The instance does not have an Elastic IP address
• B. The instance has a security group that does not allow Internet Control Message Protocol (ICMP) traffic
• C. The instance is not set up in a VPC using AWS Direct Connect
• D. The instance is running in a peered VPC

Correct answer: D

Explanation

When an instance is deployed within a peered VPC, specific routing table rules or security group configurations across the peering connection may restrict ICMP traffic while still permitting SSH traffic. This explains why the SSH connection succeeds but the ping utility times out. Other options like missing an Elastic IP or lacking Direct Connect would typically prevent both SSH and ping from working.