CLF-C02 Domain 2: Security and Compliance

Network ACLs in a VPC are:

Multiple choice — select one answer

Answer choices

  1. a. Rely on Stateless filters at the subnet level alone while omitting the cross-service integration the workload needs, without security or identity team coordination per policy.
  2. b. Security in the cloud (customer responsibility), using shared credentials instead of individual accountability.
  3. c. Stateless filters at the subnet level
  4. d. A document defining permissions

Architectural breakdown & explanation

NACLs provide optional stateless allow/deny rules for subnets.

Correct answer(s): c. Stateless filters at the subnet level

Exam domain: Domain 2: Security and Compliance (30% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Cloud Practitioner bank. Run a full timed practice exam with domain-weighted random questions in your browser.