Q62 — AWS SOA-C02 Ch.1

Question 62 of 100 | ← Chapter 1

A SysOps administrator is investigating why a user has been unable to use RDP to connect over the internet from their home computer to a bastion server running on an Amazon EC2 Windows instance. Which of the following are possible causes of this issue? (Choose two.)

Correct Answer: A. A network ACL associated with the bastion's subnet is blocking the network traffic., C. The route table associated with the bastion's subnet does not have a route to the internet gateway.

Explanation

AWS服务中EC2实例的网络连接问题通常涉及安全组、网络ACL、路由表配置。网络ACL作为子网级别的无状态防火墙,若未显式允许RDP端口(3389)的入站或出站流量,将导致连接失败。路由表需包含指向互联网网关的路由(0.0.0.0/0目标为igw),否则实例无法与互联网通信。选项B的错误在于EC2实例必须具有私有IP地址;选项D的端口22适用于SSH而非RDP;选项E忽略安全组默认允许所有出站流量的特性。正确原因为网络ACL和路由表配置问题。答案参考AWS文档中关于VPC网络配置的章节。