If a security group has an inbound rule allowing TCP port 443 from 0.0.0.0/0 but HTTPS connections fail, what is the most probable cause?

AWS - Security Groups and Network ACLs
A. The security group outbound rules are missing port 80
B. The instance's network ACL blocks inbound port 443 traffic
C. The source IP is incorrectly specified as 0.0.0.0/0
D. The instance is using HTTP instead of HTTPS
Step-by-Step Solution
Solution:
  1. Step 1: Confirm Security Group Rule

    Inbound TCP port 443 from anywhere is allowed by the security group.
  2. Step 2: Check Other Network Controls

    Network ACLs can block traffic even if security groups allow it.
  3. Step 3: Evaluate Options

    Outbound rules missing port 80 do not affect inbound HTTPS (port 443). Source 0.0.0.0/0 is correct for all IPs. HTTP vs HTTPS is unrelated to port 443 blocking.
  4. Final Answer:

    The instance's network ACL blocks inbound port 443 traffic -> Option B
  5. Quick Check:

    Traffic must be allowed by both the network ACL and the security group, so a network ACL deny blocks it even when the security group allows it [OK]
Quick Trick: Network ACLs can block allowed security group traffic [OK]
Common Mistakes:
  • Assuming security group rules are the only firewall
  • Confusing inbound and outbound rules
  • Misunderstanding source IP notation
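The two-layer evaluation behind this answer, as an added example that is not part of the original quiz: it checks one inbound TCP connection against a security group and a network ACL. The sample rules are constructed, the field names follow the JSON printed by `aws ec2 describe-security-groups` and `aws ec2 describe-network-acls`, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data shaped like `aws ec2 describe-security-groups`
# (IpPermissions) and `aws ec2 describe-network-acls` (Entries) output.
SAMPLE_SG = [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
              "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]
SAMPLE_NACL = [
    {"RuleNumber": 90, "Egress": False, "Protocol": "6", "RuleAction": "deny",
     "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 443, "To": 443}},
    {"RuleNumber": 100, "Egress": False, "Protocol": "-1",
     "RuleAction": "allow", "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 32767, "Egress": False, "Protocol": "-1",
     "RuleAction": "deny", "CidrBlock": "0.0.0.0/0"},
]

def sg_allows(permissions, src_ip, port):
    """Security groups hold allow rules only: any matching rule admits."""
    src = ipaddress.ip_address(src_ip)
    for p in permissions:
        if p["IpProtocol"] not in ("tcp", "-1"):
            continue
        if p["IpProtocol"] == "tcp" and not p["FromPort"] <= port <= p["ToPort"]:
            continue
        if any(src in ipaddress.ip_network(r["CidrIp"]) for r in p["IpRanges"]):
            return True
    return False

def nacl_decision(entries, src_ip, port, egress=False):
    """NACL entries run in ascending RuleNumber; the first match decides."""
    src = ipaddress.ip_address(src_ip)
    candidates = [e for e in entries if e["Egress"] == egress]
    for e in sorted(candidates, key=lambda e: e["RuleNumber"]):
        if e["Protocol"] not in ("6", "-1"):       # 6 = TCP, -1 = all
            continue
        if "CidrBlock" not in e or src not in ipaddress.ip_network(e["CidrBlock"]):
            continue
        pr = e.get("PortRange")
        if pr and not pr["From"] <= port <= pr["To"]:
            continue
        return e["RuleAction"], e["RuleNumber"]
    return "deny", None

def diagnose(permissions, entries, src_ip, port):
    """Name the layer that drops an inbound TCP connection, if any."""
    action, rule = nacl_decision(entries, src_ip, port)
    if action == "deny":
        return f"blocked by network ACL rule {rule}"
    if not sg_allows(permissions, src_ip, port):
        return "blocked by security group (no matching allow rule)"
    return "allowed by both layers"
```

With the constructed data, the security group admits port 443 from any address, but network ACL rule 90 is evaluated before the allow-all rule 100 and denies it, which is the situation in Option B.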
