Which of the following services can be used to block network traffic to an instance? (Choose two.)
Security groups
Amazon Virtual Private Cloud (Amazon VPC) flow logs
Network ACLs
Amazon CloudWatch
AWS CloudTrail
Explanations:
Security groups act as a virtual firewall to control inbound and outbound traffic for instances. They allow or deny traffic based on defined rules.
Amazon VPC flow logs are used for monitoring and capturing information about the IP traffic going to and from network interfaces but do not block traffic.
Network ACLs (Access Control Lists) are stateless firewalls that can allow or deny traffic to and from subnets in a VPC. They can effectively block traffic.
Amazon CloudWatch is primarily used for monitoring and logging metrics and events but does not have functionality to block network traffic.
AWS CloudTrail is used for governance, compliance, and auditing but does not control or block network traffic.