AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
A company needs a firewall that will control network connections to and from a single Amazon EC2 instance. The firewall must not control network connections to and from other instances that are in the same subnet. Which AWS service or feature should the company use to meet these requirements?
Real Exam
Community
RRitesh
Explanation:
Explanation
Security groups are the correct choice because:
- Security groups operate at the instance level - They control inbound and outbound traffic for individual EC2 instances
- Granular control - Each EC2 instance can have its own security group configuration
- Doesn't affect other instances - Configuring a security group for one instance doesn't impact other instances in the same subnet
Why other options are incorrect:
- Network ACLs operate at the subnet level and control traffic for all instances in the subnet
- AWS WAF is a web application firewall that protects web applications from common exploits, not individual EC2 instances
- Route tables control network routing between subnets and VPCs, not firewall functionality
Security groups provide the instance-level firewall capability required by the scenario while ensuring other instances in the same subnet remain unaffected.
Comments
Loading comments...