AWS Certified Cloud Practitioner

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

A company needs to set up a virtual firewall that is specific to a single Amazon EC2 instance. Which AWS feature provides this functionality?

Exam-Like

Community

RRitesh

NAT gateway

Network ACL

Route table

Security group

Explanation:

Explanation

Security groups are the correct answer because they provide a virtual firewall at the instance level for Amazon EC2 instances.

Key Differences:

Security Groups:
- Operate at the instance level
- Stateful - return traffic is automatically allowed
- Support allow rules only (no deny rules)
- Can be associated with individual EC2 instances
- Evaluate all rules before deciding whether to allow traffic
Network ACLs:
- Operate at the subnet level
- Stateless - return traffic must be explicitly allowed
- Support both allow and deny rules
- Apply to all instances in a subnet
- Process rules in numerical order
NAT Gateway:
- Used to allow instances in private subnets to connect to the internet
- Not a firewall feature
Route Tables:
- Control traffic routing between subnets and to external networks
- Not a firewall feature

Since the requirement is for a virtual firewall specific to a single EC2 instance, security groups are the appropriate choice as they can be directly associated with individual instances.

Powered ByGemini-3 Flash

Comments

Loading comments...