AWS Certified SysOps Administrator – Associate (legacy) — Question 830

Network ACLs in a VPC operate at the ______.

Answer options

• A. TCP level
• B. instance level
• C. subnet level
• D. gateway level

Correct answer: C

Explanation

Network ACLs (NACLs) function as a stateless firewall to control inbound and outbound traffic at the subnet boundary. Conversely, Security Groups operate at the instance level (specifically at the Elastic Network Interface). NACLs do not operate at the TCP session level or the gateway level.