AWS Certified Cloud Practitioner — Question 885
Which of the following are features of network ACLs as they are used in the AWS Cloud? (Choose two.)
Answer options
- A. They are stateless.
- B. They are stateful.
- C. They evaluate all rules before allowing traffic.
- D. They process rules in order, starting with the lowest numbered rule, when deciding whether to allow traffic.
- E. They operate at the instance level.
Correct answer: A, D
Explanation
Network ACLs (NACLs) in AWS are stateless: return traffic is not allowed automatically, so when an inbound rule allows a request, the response must be explicitly allowed by an outbound rule. They process rules in numerical order starting with the lowest number and apply the first matching rule immediately rather than evaluating all rules. By contrast, security groups are stateful and operate at the instance level, whereas NACLs operate at the subnet level.