AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
Which of the following can be used to protect EC2 Instances hosted in AWS. Choose 2 answers from the options given below
Exam-Like
Community
RRitesh
0
A
Usage of Security Groups
B
Usage of AMI's
C
Usage of Network Access Control Lists
D
Usage of the Internet gateway
Explanation:
Explanation
Security Groups (Option A) and Network Access Control Lists (Option C) are the correct answers for protecting EC2 instances in AWS.
Security Groups:
- Act as virtual firewalls for EC2 instances
- Control inbound and outbound traffic at the instance level
- Stateful - return traffic is automatically allowed regardless of rules
- Operate at the instance level
Network Access Control Lists (NACLs):
- Provide an additional layer of security at the subnet level
- Act as stateless firewalls for controlling traffic in and out of subnets
- Evaluate traffic before it reaches instances
- Can be used to create deny rules
Why other options are incorrect:
- Option B (AMIs): Amazon Machine Images are templates for EC2 instances, not security mechanisms
- Option D (Internet Gateway): This enables internet connectivity for VPCs but doesn't provide security protection
Both Security Groups and NACLs work together to provide defense-in-depth security for EC2 instances in AWS.
Comments
Loading comments...