AWS Certified Advanced Networking – Specialty ANS-C00 – Question275

Fill in the blanks: One of the basic characteristics of security groups for your VPC is that you ______ .

A.
can specify allow rules, but not deny rules
B. can specify deny rules, but not allow rules
C. can specify allow rules as well as deny rules
D. can neither specify allow rules nor deny rules

Correct Answer: A

Explanation:

Explanation:
Security Groups in VPC allow you to specify rules with reference to the protocols and ports through which communications with your instances can be established. One such rule is that you can specify allow rules, but not deny rules.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html