Answer: Network ACL

The correct answer is B, Network ACL. A Network Access Control List (ACL) is a virtual firewall that provides an additional layer of security at the subnet level within an Amazon Virtual Private Cloud (VPC). It operates at the protocol and port level, using numbered rules to allow or deny traffic. By default, a Network ACL allows all inbound and outbound traffic, but it can be configured to control traffic as needed. In contrast, Security Groups (option A) provide security at the instance level, not the subnet level. Traffic Mirroring (option C) is a feature that allows you to mirror network traffic to another virtual network interface for analysis, and an Internet Gateway (option D) is used to provide internet access to instances within a VPC, but it does not act as a firewall at the subnet level.

Author: LeetQuiz Editorial Team