AWS Certified Cloud Practitioner (CLF-C02) — Question 283

Which of the following are features of network ACLs as they are used in the AWS Cloud? (Choose two.)

Answer options

• A. They are stateless.
• B. They are stateful.
• C. They evaluate all rules before allowing traffic.
• D. They process rules in order, starting with the lowest numbered rule, when deciding whether to allow traffic.
• E. They operate at the instance level.

Correct answer: A, D

Explanation

Network ACLs (NACLs) in AWS are stateless, meaning that return traffic must be explicitly allowed by a separate rule. They also process rules sequentially starting from the lowest numbered rule, applying the first matching rule immediately. In contrast, security groups are stateful, operate at the instance level, and evaluate all rules before allowing traffic.