
Stateful behavior of security groups in AWS - Cheat Sheet & Quick Revision

Recall & Review
beginner
What does it mean that AWS security groups are stateful?
It means that if you allow incoming traffic on a port, the response traffic is automatically allowed back out, without needing a separate rule.
beginner
How does stateful behavior simplify managing network rules?
You only need to create rules for incoming or outgoing traffic, not both, because the return traffic is automatically allowed.
beginner
If you allow inbound HTTP traffic on port 80, what happens to the outbound response traffic?
The outbound response traffic is automatically allowed by the security group because of its stateful nature.
intermediate
What is the difference between stateful and stateless firewalls in terms of traffic rules?
Stateful firewalls remember connections and allow return traffic automatically; stateless firewalls require explicit rules for both directions.
intermediate
Can you block outbound traffic in a security group if inbound traffic is allowed?
Yes, you can block outbound traffic by not allowing it explicitly, even if inbound traffic is allowed, but response traffic to inbound requests is still allowed automatically.
What happens to response traffic in AWS security groups when inbound traffic is allowed?
A. Response traffic is blocked by default.
B. You must create a separate outbound rule.
C. Response traffic is automatically allowed back out.
D. Response traffic requires a NAT gateway.
Which of the following best describes a stateful firewall?
A. It only filters traffic based on IP addresses.
B. It blocks all traffic unless explicitly allowed.
C. It requires separate rules for inbound and outbound traffic.
D. It tracks connections and allows return traffic automatically.
If you want to allow outbound traffic but block inbound traffic, what should you do in a security group?
A. Allow outbound rules and do not allow inbound rules.
B. Allow inbound rules and block outbound rules.
C. Allow both inbound and outbound rules.
D. Block both inbound and outbound rules.
Why do you not need to create outbound rules for response traffic in security groups?
A. Because security groups are stateful and allow response traffic automatically.
B. Because outbound traffic is always allowed by default.
C. Because AWS blocks outbound traffic automatically.
D. Because response traffic uses a different port.
Which statement is true about security groups in AWS?
A. They only control outbound traffic.
B. They are stateful and track connection states.
C. They are stateless and require rules for both directions.
D. They require manual approval for response traffic.
Explain in your own words what it means that AWS security groups are stateful.
Think about how a conversation works and how replies are handled.
Describe how stateful behavior affects the way you write inbound and outbound rules in security groups.
Consider if you need to write rules for both directions or just one.