ACloud Guru Certified Cloud Practitioner Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the ACloud Guru Certified Cloud Practitioner Exam with flashcards and multiple choice questions. Each question includes hints and explanations to ensure you're ready for your certification!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

What additional security measure can be implemented at the subnet level in a VPC?

  1. Network ACL

  2. Private IP Address

  3. IAM

  4. Security Group

The correct answer is: Network ACL

Network ACLs (Access Control Lists) are an additional security measure that can be implemented at the subnet level in a Virtual Private Cloud (VPC). They serve as a firewall for controlling traffic in and out of one or more subnets, providing an extra layer of security by allowing or denying requests based on predefined rules. Network ACLs operate at the network layer, meaning they evaluate packets passing through the subnet. They can be set up with rules that specify allowed or denied IP addresses, protocols, and ports. This capability enables you to create a more granular level of control over traffic entering or exiting the subnet, complementing other security measures such as Security Groups, which operate at the instance level and are stateful. The other options serve different purposes. A private IP address is simply an address assigned to a resource within the VPC and does not constitute a security measure. IAM (Identity and Access Management) manages user permissions and access to resources but does not work at the subnet level. Security Groups are also filters for traffic but are associated with individual instances rather than subnets, making them stateful and designed to allow or deny traffic based on inbound and outbound rules.

More Questions Like This