0
0
AWScloud~20 mins

Inbound and outbound rules in AWS - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Inbound and Outbound Rules Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
service_behavior
intermediate
2:00remaining
Understanding Security Group Inbound Rules

You have a security group with the following inbound rule:

Type: SSH
Protocol: TCP
Port Range: 22
Source: 0.0.0.0/0

What is the effect of this rule?

ABlocks SSH access from all IP addresses to instances associated with this security group.
BAllows SSH access only from within the same VPC.
CAllows SSH access only from a specific IP address.
DAllows SSH access from any IP address to instances associated with this security group.
Attempts:
2 left
💡 Hint

Think about what 0.0.0.0/0 means in networking.

Architecture
intermediate
2:00remaining
Outbound Rules for Internet Access

You want your EC2 instances in a private subnet to access the internet for software updates. Which outbound rule should you add to the security group?

AAllow all outbound traffic (All protocols, All ports, Destination 0.0.0.0/0).
BAllow inbound HTTP traffic from 0.0.0.0/0.
CAllow inbound traffic on port 80 from the internet.
DAllow outbound traffic only on port 22 to 0.0.0.0/0.
Attempts:
2 left
💡 Hint

Think about what outbound rules control and what is needed for internet access.

security
advanced
2:00remaining
Restricting Inbound Access to a Specific IP

You want to allow HTTP access (port 80) only from your office IP 203.0.113.5. Which inbound rule configuration is correct?

AType: HTTP, Protocol: TCP, Port Range: 80, Source: 203.0.113.5/32
BType: HTTP, Protocol: TCP, Port Range: 80, Source: 0.0.0.0/0
CType: HTTP, Protocol: TCP, Port Range: 80, Source: 203.0.113.0/24
DType: HTTP, Protocol: UDP, Port Range: 80, Source: 203.0.113.5/32
Attempts:
2 left
💡 Hint

Consider the CIDR notation for a single IP and the correct protocol for HTTP.

Best Practice
advanced
2:00remaining
Best Practice for Outbound Rules in Security Groups

Which of the following is the best practice for configuring outbound rules in AWS security groups?

ADeny all outbound traffic by default and open ports as needed.
BAllow all outbound traffic by default unless there is a specific reason to restrict it.
CAllow outbound traffic only on port 22 for SSH.
DAllow outbound traffic only on port 80 for HTTP.
Attempts:
2 left
💡 Hint

Think about ease of management and common AWS defaults.

🧠 Conceptual
expert
2:00remaining
Effect of Missing Outbound Rules

If a security group has inbound rules allowing HTTP (port 80) from anywhere but has no outbound rules configured, what will happen when an instance receives an HTTP request?

AThe instance will send a response but cannot receive further requests.
BThe instance will block the incoming HTTP request due to missing outbound rules.
CThe instance will receive and respond to the request normally.
DThe instance will receive the request but cannot send a response back, causing the connection to fail.
Attempts:
2 left
💡 Hint

Remember how security groups handle stateful traffic.