Topic 1 Question 384
A SysOps administrator is troubleshooting a VPC with public and private subnets that leverage custom network ACLs. Instances in the private subnet are unable to access the internet. There is an internet gateway attached to the public subnet. The private subnet has a route to a NAT gateway that is also attached to the public subnet. The Amazon EC2 instances are associated with the default security group for the VPC.
What is causing the issue in this scenario?
A. There is a network ACL on the private subnet set to deny all outbound traffic.
B. There is no NAT gateway deployed in the private subnet of the VPC.
C. The default security group for the VPC blocks all inbound traffic to the EC2 instances.
D. The default security group for the VPC blocks all outbound traffic from the EC2 instances.
Comments (3)
- Selected answer: A
There is a network ACL on the private subnet set to deny all outbound traffic.
Network ACLs (Access Control Lists) are stateless and operate at the subnet level. If there is a network ACL on the private subnet that is configured to deny all outbound traffic, it would prevent instances in the private subnet from accessing the internet through the NAT gateway.
👍 2 LemonGremlin 2023/12/31
- Selected answer: A
A is the best one.
👍 2 WinAndWin 2024/01/01
- Selected answer: A
It is A; default security groups don't block anything, so it can only be in the ACL.
👍 1 LudiVoss 2024/01/10
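
The stateless, subnet-level behaviour of network ACLs described in the comments can be checked by evaluating the private subnet's ACL entries in rule-number order, once for the outbound request and once for the reply. The following is an added example, not part of the question or the comments: the entry field names follow the output of `aws ec2 describe-network-acls`, while the three sample ACLs, the remote address 203.0.113.10 and the client port 49152 are constructed assumptions.

```python
import ipaddress

def first_match(entries, egress, remote_ip, port, protocol="6"):
    """Evaluate NACL entries as AWS does: lowest rule number first, first match wins."""
    ip = ipaddress.ip_address(remote_ip)
    for e in sorted(entries, key=lambda e: e["RuleNumber"]):
        if e["Egress"] != egress or e["Protocol"] not in ("-1", protocol):
            continue
        if ip not in ipaddress.ip_network(e["CidrBlock"]):
            continue
        rng = e.get("PortRange")
        if e["Protocol"] != "-1" and rng and not rng["From"] <= port <= rng["To"]:
            continue
        return e["RuleAction"], e["RuleNumber"]
    return "deny", 32767  # nothing matched: the implicit "*" deny rule applies

def outbound_https(entries, remote_ip="203.0.113.10", client_port=49152):
    """Stateless check: the request (egress) and its reply (ingress) are judged separately."""
    out = first_match(entries, True, remote_ip, 443)
    back = first_match(entries, False, remote_ip, client_port)
    return {"request": out, "reply": back,
            "works": out[0] == "allow" and back[0] == "allow"}

def rule(num, egress, action, proto="-1", ports=None):
    """Build one entry in the shape describe-network-acls returns (hypothetical helper)."""
    e = {"RuleNumber": num, "Egress": egress, "RuleAction": action,
         "Protocol": proto, "CidrBlock": "0.0.0.0/0"}
    if ports:
        e["PortRange"] = {"From": ports[0], "To": ports[1]}
    return e

# Constructed sample ACLs for the private subnet (assumptions, not from the question).
DENY_ALL_OUT = [rule(100, False, "allow"), rule(100, True, "deny")]  # the scenario in option A
EGRESS_ONLY = [rule(100, True, "allow", "6", (443, 443))]            # reply has no inbound rule
FIXED = [rule(100, True, "allow", "6", (443, 443)),
         rule(100, False, "allow", "6", (1024, 65535))]              # ephemeral ports inbound

if __name__ == "__main__":
    for name, acl in [("deny-all-out", DENY_ALL_OUT),
                      ("egress-only", EGRESS_ONLY), ("fixed", FIXED)]:
        print(name, outbound_https(acl))
```

The check covers only the private subnet's ACL; the ACL on the public subnet that holds the NAT gateway is evaluated the same way and has to pass the traffic as well.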