A company runs its applications on Amazon EC2 instances. A network engineer must deny specific ports for all applications and must allow only approved ports for each application. All outbound traffic from the instances must be allowed.
Which solution will meet these requirements?
A. Create a network ACL for each application to allow the application's approved ports. Associate the network ACL with the appropriate instances. Create a security group that denies the required specific ports. Associate the security group with the appropriate subnets.
B. Create a security group for each application to allow the application's approved ports. Associate the security group with the appropriate instances. Create a network ACL that denies the required specific ports. Associate the network ACL with the appropriate subnets.
C. Create a security group for each application to allow the application's approved ports. Associate the security group with the appropriate instances. Create a network ACL that denies the required specific ports inbound and denies all ports outbound. Associate the network ACL with the appropriate subnets.
D. Create a security group for each application to allow the application's approved ports. Associate the security group with the appropriate instances. Create an additional security group that denies the required specific ports. Associate the additional security group with the appropriate instances.
Which solution will meet these requirements?
A. Create a network ACL for each application to allow the application's approved ports. Associate the network ACL with the appropriate instances. Create a security group that denies the required specific ports. Associate the security group with the appropriate subnets.
B. Create a security group for each application to allow the application's approved ports. Associate the security group with the appropriate instances. Create a network ACL that denies the required specific ports. Associate the network ACL with the appropriate subnets.
C. Create a security group for each application to allow the application's approved ports. Associate the security group with the appropriate instances. Create a network ACL that denies the required specific ports inbound and denies all ports outbound. Associate the network ACL with the appropriate subnets.
D. Create a security group for each application to allow the application's approved ports. Associate the security group with the appropriate instances. Create an additional security group that denies the required specific ports. Associate the additional security group with the appropriate instances.