AWS Certified Advanced Networking Specialty Practice Exam

Which of the following contributes to controlling inbound and outbound traffic at the subnet level?

• A. VPC Endpoints
• B. Subnet Route Tables
• C. Network Access Control Lists
• D. Elastic Load Balancers

The correct answer is: Network Access Control Lists

Controlling inbound and outbound traffic at the subnet level is primarily the function of Network Access Control Lists (NACLs). NACLs act as a firewall for controlling traffic at the subnet-level within a Virtual Private Cloud (VPC), enabling or denying traffic based on rules that specify conditions for both inbound and outbound traffic. They provide an additional layer of security by allowing users to implement specific rules tailored to their traffic management needs, including allowing or blocking traffic based on IP address, protocol, and port number. While other choices can influence traffic management, they do not specifically control traffic at the subnet level in the same manner. VPC Endpoints are used for private connectivity to AWS services without the need for an internet gateway, NAT device, VPN connection, or AWS Direct Connect, but they do not function as traffic controllers for all ingress and egress traffic for a subnet. Subnet Route Tables determine the routing of traffic based on destination IP addresses and do not provide the granular control that NACLs do. Elastic Load Balancers distribute incoming application traffic across multiple targets, such as EC2 instances, but they operate at a higher level in the architecture and are not used specifically for subnet-level traffic control. Therefore, Network Access Control Lists are essential for managing