Which AWS service or feature will meet this requirement?

By: study aws cloud

On: January 9, 2025

Tagged: Cloud Practitioner

With: 0 Comments

A company runs many Amazon EC2 instances in its VPC.The company wants to use a native AWS security resource to control network traffic between certain EC2 instances.

Which AWS service or feature will meet this requirement?

Network ACLs

AWS WAF

Amazon GuardDuty

Security groups

Explanations:

Network ACLs are stateless and operate at the subnet level. They control traffic in and out of a subnet but are not suitable for controlling traffic between specific EC2 instances.

AWS WAF (Web Application Firewall) is designed to protect web applications from common web exploits. It is not used for controlling network traffic between EC2 instances.

Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior. It does not control network traffic.

Security groups are stateful virtual firewalls for controlling inbound and outbound traffic to AWS resources, such as EC2 instances. They allow fine-grained control of traffic between specific instances.

Previous Post: How should the developer identify and troubleshoot the root cause of the performance issues in production?

Next Post: Which method should a Database Specialist use to scale the ElastiCache cluster ahead of the upcoming event?

Leave a Reply Cancel reply