Explanation:
Network ACLs are stateless and are applied at the subnet level. If a custom Network ACL on the private subnet is configured to deny outbound traffic, instances within that subnet will be unable to communicate with the internet, even if a NAT gateway and route table are correctly configured.
Ultimate access to all questions.
Question 34. A SysOps administrator is troubleshooting a VPC with public and private subnets that leverage custom network ACLs. Instances in the private subnet are unable to access the internet. There is an internet gateway attached to the public subnet. The private subnet has a route to a NAT gateway that is also attached to the public subnet. The Amazon EC2 instances are associated with the default security group for the VPC. What is causing the issue in this scenario?
A
There is a network ACL on the private subnet set to deny all outbound traffic.
B
There is no NAT gateway deployed in the private subnet of the VPC.
C
The default security group for the VPC blocks all inbound traffic to the EC2 instances.
D
The default security group for the VPC blocks all outbound traffic from the EC2 instances.
E
None of the above
F
None of the above
No comments yet.