AWS Certified SysOps Administrator – Associate (legacy) — Question 474

______ in VPC are stateful where return traffic is automatically allowed, regardless of any rules.

Answer options

• A. Security groups
• B. Availability Zones
• C. Network ACLs
• D. Geo Redundant Servers

Correct answer: A

Explanation

Security groups are stateful, which means they automatically track connections and allow return traffic without requiring an explicit outbound or inbound rule. In contrast, Network ACLs are stateless and require explicit rules for traffic in both directions, while Availability Zones and Geo Redundant Servers do not act as traffic firewalls.