A Security Group attached to an EC2 instance allows inbound traffic on port 8080, but the instance cannot receive traffic on that port. What is the most likely cause?

medium📝 Debug Q7 of 15

AWS - Security Groups and Network ACLs

AInstance firewall is blocking port 8080

BNetwork ACL denies inbound traffic on port 8080

CRoute table does not have a route to the internet

DSecurity Group denies outbound traffic on port 8080

Step-by-Step Solution

Solution:

Step 1: Check Network ACL rules
If NACL denies inbound on port 8080, traffic is blocked before reaching instance.
Step 2: Confirm Security Group allows inbound
Security Group allows inbound, so it is not the cause.
Final Answer:
Network ACL denies inbound traffic on port 8080 -> Option B
Quick Check:
Subnet-level NACL deny blocks traffic despite Security Group allow [OK]

Quick Trick: NACL deny beats Security Group allow for inbound traffic [OK]

Common Mistakes:

MISTAKES

Blaming Security Group outbound rules
Ignoring subnet-level NACL rules
Assuming route table or instance firewall is always the cause

Master "Security Groups and Network ACLs" in AWS

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Visual Try Challenge Project Recall Time

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions

More AWS Quizzes

A Security Group attached to an EC2 instance allows inbound traffic on port 8080, but the instance cannot receive traffic on that port. What is the most likely cause?

Step 1: Check Network ACL rules

Step 2: Confirm Security Group allows inbound

Final Answer:

Quick Check:

Want More Practice?