AWS Certified Cloud Practitioner (CLF-C02) — Question 656

A company needs stateless network filtering for its VPC.

Which AWS service, tool, or feature will meet this requirement?

Answer options

Correct answer: C

Explanation

A Network access control list (ACL) is a stateless firewall that controls inbound and outbound traffic at the subnet level, requiring explicit rules for both directions. Security groups are stateful firewalls at the instance level, AWS WAF is a web application firewall for Layer 7 protection, and AWS PrivateLink provides private connectivity rather than traffic filtering.