To limit SSH access to your EC2 instance exclusively to your office IP 203.0.113.5, which security group ingress rule is correct?

hard📝 Application Q8 of 15

AWS - Security Groups and Network ACLs

AProtocol: TCP, Port Range: 80, Source: 203.0.113.5/32

BProtocol: TCP, Port Range: 22, Source: 203.0.113.0/24

CProtocol: UDP, Port Range: 22, Source: 203.0.113.5/32

DProtocol: TCP, Port Range: 22, Source: 203.0.113.5/32

Step-by-Step Solution

Solution:

Step 1: Identify SSH Protocol and Port
SSH uses TCP protocol on port 22.
Step 2: Restrict Source IP
To restrict to a single IP, use /32 subnet mask.
Step 3: Evaluate Options
Protocol: TCP, Port Range: 22, Source: 203.0.113.5/32 correctly specifies TCP port 22 and source 203.0.113.5/32. Protocol: TCP, Port Range: 22, Source: 203.0.113.0/24 allows entire subnet. Protocol: UDP, Port Range: 22, Source: 203.0.113.5/32 uses wrong protocol. Protocol: TCP, Port Range: 80, Source: 203.0.113.5/32 uses wrong port.
Final Answer:
Protocol: TCP, Port Range: 22, Source: 203.0.113.5/32 -> Option D
Quick Check:
Use /32 to specify a single IP address [OK]

Quick Trick: Use /32 CIDR to allow single IP for SSH [OK]

Common Mistakes:

Master "Security Groups and Network ACLs" in AWS

9 interactive learning modes - each teaches the same concept differently

Want More Practice?

15+ quiz questions · All difficulty levels · Free

More AWS Quizzes