Complete the code to specify that security groups act as a {{BLANK_1}} firewall for instances.
Security groups act as a [1] firewall for instances in AWS.
Security groups are stateful, meaning they remember allowed connections and automatically allow return traffic.
Complete the code to specify that NACLs are {{BLANK_1}} and control traffic at the subnet level.
Network ACLs (NACLs) are [1] and control traffic at the subnet level.
NACLs are stateless, so return traffic must be explicitly allowed by rules.
Fix the error in the statement: 'Security groups allow {{BLANK_1}} rules only, no deny rules.'
Security groups allow [1] rules only, no deny rules.Security groups only support allow rules; they do not support explicit deny rules.
Fill both blanks to complete the sentence: 'NACLs apply to {{BLANK_1}} and can have {{BLANK_2}} rules for inbound and outbound traffic.'
NACLs apply to [1] and can have [2] rules for inbound and outbound traffic.
NACLs apply at the subnet level and have separate rules for inbound and outbound traffic.
Fill all four blanks to complete the best practice: 'Use {{BLANK_1}} for instance-level security, {{BLANK_2}} for subnet-level control, and remember that {{BLANK_3}} are stateful while {{BLANK_4}} are stateless.'
Use [1] for instance-level security, [2] for subnet-level control, and remember that [3] are stateful while [4] are stateless.
Security groups protect individual instances and are stateful. NACLs protect subnets and are stateless.