Update Software:
As part of the AWS shared responsibility model, it is the customer’s responsibility to update and
maintain the software running on the EC2 instance, including applying security patches and updates
(Option A).
Configure Security Groups:
Security groups act as virtual firewalls for instances to control inbound and outbound traffic.
Configuring them correctly is essential for securing the EC2 instance and ensuring only legitimate
traffic can reach the server (Option C).
Manage Operating System:
Managing the operating system, including user accounts, permissions, and operating system patches,
is the responsibility of the customer under the shared responsibility model (Option D).
Other Options Analysis:
Option B is incorrect as changing the existing ELB to a gateway load balancer is not necessary for
securing the new EC2 instance.
Option E is incorrect because it is not required to move all web servers into the same availability
zone for security purposes.
Reference:
AWS Shared Responsibility Model: AWS Shared Responsibility
EC2 Security Best Practices: AWS EC2 Security
