Answer-first summary for fast verification
Answer: Usage of Security Groups, Usage of Network Access Control Lists
## Explanation **Security Groups (Option A)** and **Network Access Control Lists (Option C)** are the correct answers for protecting EC2 instances in AWS. ### Security Groups: - Act as virtual firewalls for EC2 instances - Control inbound and outbound traffic at the instance level - Stateful - return traffic is automatically allowed regardless of rules - Operate at the instance level ### Network Access Control Lists (NACLs): - Provide an additional layer of security at the subnet level - Act as stateless firewalls for controlling traffic in and out of subnets - Evaluate traffic before it reaches instances - Can be used to create deny rules ### Why other options are incorrect: - **Option B (AMIs)**: Amazon Machine Images are templates for EC2 instances, not security mechanisms - **Option D (Internet Gateway)**: This enables internet connectivity for VPCs but doesn't provide security protection Both Security Groups and NACLs work together to provide defense-in-depth security for EC2 instances in AWS.
Author: Ritesh Yadav
Ultimate access to all questions.
Which of the following can be used to protect EC2 Instances hosted in AWS. Choose 2 answers from the options given below
A
Usage of Security Groups
B
Usage of AMI's
C
Usage of Network Access Control Lists
D
Usage of the Internet gateway
No comments yet.