AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
Which of the following can be used to protect EC2 Instances hosted in AWS. Choose 2 answers from the options given below
Exam-Like
Community
RRitesh
A
Usage of Security Groups
B
Usage of AMI's
C
Usage of Network Access Control Lists
D
Usage of the Internet gateway
Explanation:
Explanation
Security Groups (Option A) and Network Access Control Lists (Option C) are the correct answers for protecting EC2 instances in AWS.
Security Groups:
-
Act as virtual firewalls for EC2 instances
-
Control inbound and outbound traffic at the instance level
-
Stateful - return traffic is automatically allowed regardless of rules
-
Operate at the instance level
Network Access Control Lists (NACLs):
-
Provide an additional layer of security at the subnet level
-
Act as stateless firewalls for controlling traffic in and out of subnets
-
Evaluate traffic before it reaches instances
-
Can be used to create deny rules
Why other options are incorrect:
-
Option B (AMIs): Amazon Machine Images are templates for EC2 instances, not security mechanisms
-
Option D (Internet Gateway): This enables internet connectivity for VPCs but doesn't provide security protection
Both Security Groups and NACLs work together to provide defense-in-depth security for EC2 instances in AWS.
Comments
Loading comments...