AWS Certified Cloud Practitioner — Question 104

Which AWS tool or feature acts as a VPC firewall at the subnet level?

Answer options

• A. Security group
• B. Network ACL
• C. Traffic Mirroring
• D. Internet gateway

Correct answer: B

Explanation

The correct answer is B, Network ACL, as it provides a firewall mechanism at the subnet level, controlling inbound and outbound traffic. A Security group (A) operates at the instance level, Traffic Mirroring (C) is used for monitoring traffic, and an Internet gateway (D) allows access to the internet but does not function as a firewall.