You need to set up security for your VPC and you know that Amazon VPC provides two features that you
can use to increase security for your VPC: Security groups and network access control lists (ACLs). You start to look into security groups first.
Which statement below is incorrect in relation to security groups?
A . Are stateful: Return traffic is automatically allowed, regardless of any rules.
B . Evaluate all rules before deciding whether to allow traffic.
C . Support allow rules and deny rules.
D . Operate at the instance level (first layer of defense).
Answer: C
Explanation:
Amazon VPC provides two features that you can use to increase security for your VPC:
Security groups―Act as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level and supports allow rules only.
Network access control lists (ACLs)―Act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level and supports allow rules and deny rules.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Security.html
Latest AWS-Solution-Architect-Associate Dumps Valid Version with 986 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund