Answer-first summary for fast verification
Answer: Security group
## Explanation **Security groups** are the correct choice because: - **Security groups operate at the instance level** - They control inbound and outbound traffic for individual EC2 instances - **Granular control** - Each EC2 instance can have its own security group configuration - **Doesn't affect other instances** - Configuring a security group for one instance doesn't impact other instances in the same subnet **Why other options are incorrect:** - **Network ACLs** operate at the subnet level and control traffic for all instances in the subnet - **AWS WAF** is a web application firewall that protects web applications from common exploits, not individual EC2 instances - **Route tables** control network routing between subnets and VPCs, not firewall functionality Security groups provide the instance-level firewall capability required by the scenario while ensuring other instances in the same subnet remain unaffected.
Author: Ritesh Yadav
Ultimate access to all questions.
A company needs a firewall that will control network connections to and from a single Amazon EC2 instance. The firewall must not control network connections to and from other instances that are in the same subnet. Which AWS service or feature should the company use to meet these requirements?
A
Network ACL
B
AWS WAF
C
Route table
D
Security group
No comments yet.