Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 25 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 25
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

While securing the connection between a company’s VPC and its on-premises data center, a security engineer sent a ping command from an on-premises host (IP address 203.0.113.12) to an Amazon EC2 instance (IP address 172.31.16.139). The ping command did not return a response. The flow log in the VPC showed the following:

What action should be performed to allow the ping to work?

  • A. In the security group of the EC2 instance, allow inbound ICMP traffic.
  • B. In the security group of the EC2 instance, allow outbound ICMP traffic.
  • C. In the VPC’s NACL, allow inbound ICMP traffic.
  • D. In the VPC’s NACL, allow outbound ICMP traffic.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by aragon_saa at Oct. 3, 2023, 8:25 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
FunkyFresco
1 month, 2 weeks ago
Selected Answer: D
D is the right option.
upvoted 1 times
...
bkbaws
7 months, 1 week ago
Selected Answer: D
see https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-records-examples.html#flow-log-example-security-groups the NACL is blocking the outbound response
upvoted 2 times
...
i7ovemyself
7 months, 1 week ago
For security group outbound rule is automatically allowed as security groups are stateful, NACL is stateless, so answer will be D as we need to allow the outbound rule in VPC's NACL.
upvoted 3 times
...
Daniel76
10 months, 2 weeks ago
Selected Answer: D
There are multiple possible cause. https://arcadian.cloud/aws/2022/07/01/4-reasons-you-cannot-ping-your-aws-ec2-instance-and-how-to-fix-them/ Base on the logs, only one direction is not successful. Likely its #4 - NACL.
upvoted 1 times
...
Aamee
10 months, 3 weeks ago
Selected Answer: D
It's the EC2 instance IP area from where the ping didn't get the response back to the on-prem location which is clearly a usecase of NACL area. Therefore, def. going with 'D'.
upvoted 1 times
...
Christina666
10 months, 3 weeks ago
Selected Answer: D
NACLs are stateless and do not track the state of a connection, while Security Groups are stateful and allow traffic based on the response to previous traffic. Default rule: NACLs have a default rule that denies all traffic, while Security Groups have a default rule that allows all traffic.
upvoted 3 times
...
[Removed]
11 months, 1 week ago
Selected Answer: D
Answer D
upvoted 1 times
...
lalee2
11 months, 1 week ago
Selected Answer: D
Answer D
upvoted 1 times
...
pupsik
11 months, 2 weeks ago
Selected Answer: D
Outbound communication on NACL is blocked.
upvoted 1 times
...
allcertcracker
11 months, 2 weeks ago
it is D
upvoted 1 times
...
Sumi81
11 months, 2 weeks ago
I think its B
upvoted 1 times
...
100fold
11 months, 3 weeks ago
Selected Answer: D
Answer D
upvoted 1 times
...
aragon_saa
1 year ago
https://www.examtopics.com/discussions/amazon/view/16473-exam-aws-certified-security-specialty-topic-2-question-8/
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel