Which statement below is incorrect in relation to ACLs?
You need to set up security for your VPC and you know that Amazon VPC provides two features that you can use to increase security for your VPC: security groups and network access control lists (ACLs). You have already looked into security groups and you are now trying to understand ACLs.
Which statement below is incorrect in relation to ACLs?
A . Supports allow rules and deny rules.
B . Is stateful: Return traffic is automatically allowed, regardless of any rules.
C . Processes rules in number order when deciding whether to allow traffic.
D . Operates at the subnet level (second layer of defense).
Answer: B
Explanation:
Amazon VPC provides two features that you can use to increase security for your VPC:
Security groups―Act as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level
Network access control lists (ACLs)―Act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level
Security groups are stateful: (Return traffic is automatically allowed, regardless of any rules)
Network ACLs are stateless: (Return traffic must be explicitly allowed by rules)
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Security.html
Latest AWS-Solution-Architect-Associate Dumps Valid Version with 986 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund