AWS Certified Cloud Practitioner — Question 368

A company is running an Amazon EC2 instance in a VPC.

Which of the following can the company use to route and filter incoming network requests for the EC2 instance?

Answer options

• A. Route tables and web application firewalls
• B. Security groups and route tables
• C. Security groups and a network intrusion system
• D. Route tables and AWS Shield

Correct answer: B

Explanation

Route tables are responsible for directing network traffic within a VPC to its proper destination, while security groups act as virtual firewalls to filter inbound and outbound traffic at the EC2 instance level. Other options, such as AWS Shield or web application firewalls, do not provide this fundamental combination of routing and instance-level filtering.