A company's security engineer is designing an isolation procedure for Amazon EC2 instances as part of an incident response plan. The security engineer needs to isolate a target instance to block any traffic to and from the target instance, except for traffic from the company's forensics team. Each of the company's EC2 instances has its own dedicated security group. The EC2 instances are deployed in subnets of a VPC. A subnet can contain multiple instances.
The security engineer is testing the procedure for EC2 isolation and opens an SSH session to the target instance. The procedure starts to simulate access to the target instance by an attacker. The security engineer removes the existing security group rules and adds security group rules to give the forensics team access to the target instance on port 22.
After these changes, the security engineer notices that the SSH connection is still active and usable. When the security engineer runs a ping command to the public IP address of the target instance, the ping command is blocked.
What should the security engineer do to isolate the target instance?
AgboolaKun
Highly Voted 1 year, 1 month agoIPLogic
Most Recent 2 days, 21 hours agoIPLogic
6 days, 2 hours agoIPLogic
1 week, 2 days agomzeynalli
1 month agojakie22332
1 month agoJohnyw
1 month, 4 weeks agoJust_Ninja
2 months, 3 weeks agojamesf
3 months, 1 week agoFunkyFresco
3 months, 2 weeks agokomik_101
3 months, 3 weeks agoZek
7 months agoicecool36
7 months agoicecool36
7 months agoicecool36
7 months agoxflare
8 months, 3 weeks agoarvehisa
9 months, 1 week ago