AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 119

Your website is under attack and a malicious party is stealing large amounts of data. You have default NACL rules. Stopping the attack is the ONLY priority in this case. Which two commands should you use? (Choose two.)

Answer options

• A. aws ec2 delete-network-acl-entry -network-acl-id acl-5fb84d47 -ingress -rule-number 32768
• B. aws ec2 delete-network-acl-entry -network-acl-id acl-5fb84d47 -egress rule-number 100
• C. aws ec2 delete-network-acl-entry -network-acl-id acl-5fb84d47 -ingress rule-number 100
• D. aws ec2 create-network-acl-entry -network-acl-id acl-5fb84d47 -ingress rule-number 100 -protocol -1 -port-range From =-1,To =-1 -cidr-block 0.0.0.0/0 -rule- action deny

Correct answer: B, C

Explanation

The correct commands are B and C as they both remove specific rules that allow traffic, effectively stopping unwanted data access. Option A is incorrect because it targets a different rule number that doesn't address the current attack, and option D is incorrect since it creates a new rule rather than deleting existing ones.