AWS Solutions Architect Associate Practice Test

Study for the AWS Solutions Architect Associate Test with our engaging quizzes. Utilize flashcards and multiple-choice questions, each with hints and explanations to enhance your understanding. Get exam-ready today!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!


From which service can you block incoming/outgoing IPs?

  1. Security Groups

  2. DNS

  3. ELB

  4. NACL

The correct answer is: NACL

The ability to block incoming and outgoing IP addresses is a key feature of Network Access Control Lists (NACLs) in AWS. NACLs provide a layer of security at the subnet level within a Virtual Private Cloud (VPC). They enable you to define rules that control both inbound and outbound traffic to and from all resources within the subnet. With NACLs, you can specify explicit allow or deny rules based on IP addresses and CIDR blocks, offering flexibility in how you control traffic. For instance, you can block traffic from specific external IP addresses or restrict outbound traffic to certain ranges as needed to comply with security policies.

While Security Groups also control inbound and outbound traffic, they are stateful and apply primarily to EC2 instances. This means that when a request is allowed in one direction, the response is automatically allowed back without needing explicit additional rules. On the other hand, NACLs are stateless, requiring you to define rules for both directions of traffic separately.

DNS primarily serves to resolve domain names to IP addresses and does not have any functionality for blocking traffic. Elastic Load Balancers (ELB) distribute incoming application or network traffic across multiple targets, but they do not provide mechanisms for blocking IPs on their own. Thus,