AWS Certified Cloud Practitioner — Question 771

A company needs to apply security rules to a subnet for Amazon EC2 instances.

Which AWS service or feature provides this functionality?

Answer options

• A. Network ACLs
• B. Security groups
• C. AWS Certificate Manager (ACM)
• D. AWS Config

Correct answer: A

Explanation

Network ACLs act as a virtual firewall for controlling traffic in and out of one or more subnets, providing stateless filtering. In contrast, Security groups operate at the instance level rather than the subnet level. AWS Certificate Manager (ACM) manages SSL/TLS certificates, and AWS Config tracks resource configuration history, making neither of them suitable for subnet security rules.