AWS Certified Cloud Practitioner (CLF-C02) — Question 169

Which AWS service or feature can a company use to apply security rules to specific Amazon EC2 instances?

Answer options

• A. Network ACLs
• B. Security groups
• C. AWS Trusted Advisor
• D. AWS WAF

Correct answer: B

Explanation

The correct answer is B, Security groups, as they are specifically designed to control inbound and outbound traffic for EC2 instances on a per-instance basis. Network ACLs (A) operate at the subnet level and apply to all instances within that subnet, while AWS Trusted Advisor (C) provides guidance on best practices and AWS WAF (D) is focused on application layer security, not directly managing EC2 instance security.