Valid CV0-003 Dumps shared by ExamDiscuss.com for Helping Passing CV0-003 Exam! ExamDiscuss.com now offer the newest CV0-003 exam dumps, the ExamDiscuss.com CV0-003 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CV0-003 dumps with Test Engine here:
A security team is conducting an audit of the security group configurations for the Linux servers that are hosted in a public laaS. The team identifies the following rule as a potential A cloud administrator, who is working remotely, logs in to the cloud management console and modifies the rule to set the source to "My IR" Shortly after deploying the rule, an internal developer receives the following error message when attempting to log in to the server using SSH: Network error: connection timed out. However, the administrator is able to connect successfully to the same server using SSH. Which of the following is the BEST option for both the developer and the administrator to access the server from their locations?
Correct Answer: C
The inbound rule that the security team identified as a potential vulnerability is the one that allows SSH access (port 22) from any source (0.0.0.0/0). This means that anyone on the internet can try to connect to the Linux servers using SSH, which poses a risk of unauthorized access or brute-force attacks. The cloud administrator, who is working remotely, logs in to the cloud management console and modifies the rule to set the source to "My IP". This means that only the administrator's IP address can connect to the Linux servers using SSH, which improves the security of the servers. However, this also prevents other authorized users, such as the internal developer, from accessing the servers using SSH, as they have different IP addresses than the administrator. Therefore, the administrator needs to modify the rule again to allow more sources for SSH access. The best option for both the developer and the administrator to access the server from their locations is to modify the inbound rule to allow the company's external IP address as a source. This means that only the IP addresses that belong to the company's network can connect to the Linux servers using SSH, which reduces the attack surface and ensures that only authorized users can access the servers. The company's external IP address can be obtained by using a web service such as [What Is My IP Address?] or [IP Location]. The administrator can then enter this IP address or its CIDR notation in the source field of the inbound rule.