0
0
AWScloud~20 mins

Network ACLs overview in AWS - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Network ACL Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
How do Network ACLs control traffic in AWS?

Network ACLs in AWS control traffic at which level?

AAt the internet gateway level, filtering traffic to the internet
BAt the instance level, filtering traffic to individual EC2 instances
CAt the subnet level, filtering traffic entering and leaving subnets
DAt the VPC level, filtering traffic between VPCs
Attempts:
2 left
💡 Hint

Think about where Network ACLs are applied in the network structure.

service_behavior
intermediate
2:00remaining
What happens if a Network ACL rule denies traffic?

If a Network ACL rule explicitly denies traffic, what is the result?

AThe traffic is redirected to another subnet
BThe traffic is allowed if a security group permits it
CThe traffic is logged but still allowed
DThe traffic is blocked and not allowed through the subnet
Attempts:
2 left
💡 Hint

Consider how deny rules affect network traffic flow.

Configuration
advanced
2:30remaining
Identify the Network ACL rule that allows inbound HTTP traffic

Which Network ACL rule correctly allows inbound HTTP traffic on port 80?

AWS
Rule Number: 100
Protocol: TCP
Port Range: 80
Rule Action: Allow
Egress: No
ARule Number: 100, Protocol: UDP, Port Range: 80, Rule Action: Allow, Egress: No
BRule Number: 100, Protocol: TCP, Port Range: 80, Rule Action: Allow, Egress: No
CRule Number: 100, Protocol: TCP, Port Range: 443, Rule Action: Allow, Egress: No
DRule Number: 100, Protocol: TCP, Port Range: 80, Rule Action: Deny, Egress: No
Attempts:
2 left
💡 Hint

HTTP uses TCP on port 80 and the rule must allow inbound traffic.

security
advanced
2:30remaining
Why should Network ACLs have both allow and deny rules explicitly defined?

What is the security reason for explicitly defining both allow and deny rules in Network ACLs?

ATo ensure unwanted traffic is blocked and only specific traffic is allowed
BTo speed up network traffic by allowing all traffic by default
CTo automatically log all traffic passing through the subnet
DTo allow traffic only during business hours
Attempts:
2 left
💡 Hint

Think about controlling access tightly for security.

Architecture
expert
3:00remaining
How does Network ACL statelessness affect return traffic handling?

Network ACLs are stateless. What does this mean for return traffic after an inbound request?

AReturn traffic must be explicitly allowed by outbound rules in the Network ACL
BReturn traffic is automatically allowed without any rules
CReturn traffic is blocked by default and cannot be allowed
DReturn traffic is handled by security groups, not Network ACLs
Attempts:
2 left
💡 Hint

Consider how stateless filters treat inbound and outbound packets separately.