
Security group as virtual firewall in AWS - Cheat Sheet & Quick Revision

Recall & Review
beginner
What is a security group in AWS?
A security group is like a virtual firewall that controls the traffic allowed to reach your AWS resources, such as EC2 instances. It filters incoming and outgoing network traffic based on rules you set.
beginner
How do security groups control traffic?
Security groups control traffic by using rules that specify allowed protocols, ports, and source or destination IP addresses. Only traffic matching these rules is allowed; everything else is blocked.
intermediate
Can security groups block outgoing traffic by default?
No. By default, security groups allow all outgoing traffic. You must add specific rules to restrict outbound traffic if needed.
beginner
What happens if you don’t add any inbound rules to a security group?
If no inbound rules exist, no incoming traffic is allowed to the resource. This means the resource is effectively isolated from incoming network connections.
intermediate
How are security groups different from network ACLs in AWS?
Security groups act as virtual firewalls at the instance level and are stateful, meaning return traffic is automatically allowed. Network ACLs operate at the subnet level and are stateless, requiring explicit rules for both inbound and outbound traffic.
What type of traffic does a security group control in AWS?
A. Inbound and outbound traffic
B. Only inbound traffic
C. Only outbound traffic
D. Traffic between AWS regions
By default, what is the outbound traffic rule in a new security group?
A. Only SSH traffic is allowed
B. All outbound traffic is blocked
C. Only HTTP traffic is allowed
D. All outbound traffic is allowed
If you want to allow SSH access to an EC2 instance, which port should you open in the security group inbound rules?
A. Port 80
B. Port 22
C. Port 443
D. Port 3389
What does it mean that security groups are stateful?
A. Return traffic is automatically allowed
B. Rules must be set for both inbound and outbound separately
C. They only work within one AWS region
D. They log all traffic automatically
Can you assign multiple security groups to a single EC2 instance?
A. Only if the instance is in a public subnet
B. No, only one security group per instance
C. Yes, multiple security groups can be assigned
D. Only for instances running Windows
Explain how a security group acts as a virtual firewall in AWS.
Think about how a firewall filters traffic to protect a computer.
Describe the difference between security groups and network ACLs in AWS.
Consider where and how each controls traffic.