Security Groups

Question 1

What does SG stand for?

Answer 1

Security Group

Question 2

In a security group, what inbound traffic is allowed by default?

Answer 2

by default, all inbound traffic is blocked.

Question 3

In a security group, what outbound traffic is allowed by default?

Answer 3

All outbound traffic is allowed

Question 4

When you make a change to a security group, how long does it take for that change to take effect?

Answer 4

Changes to security groups take effect immediately

Question 5

What is the maximum number of EC2 instances that can be associated with a single security group?

Answer 5

Unlimited. You can have any number of EC2 instances within a security group.

Question 6

Can you have multiple security groups attached to an EC2 instance?

Answer 6

Yes

Question 7

What does it mean that security groups are stateful?

Answer 7

If you create an inbound rule allowing traffic in, that traffic is automatically allowed back out again

Question 8

Suppose you need to block a specific IP address from accessing your EC2 instance. How can this be accomplished using Security Groups?

Answer 8

You cannot block specific IP addresses using security groups

_{(Use network access control lists instead)}

Question 9

Can you specify Allow rules in a security group?

Answer 9

Yes

Question 10

Can you specify deny rules in a security group?

Answer 10

NO

Question 11

Can your Security Group allow traffic from EC2 instances based on what Security Group the requesting instance has?

Answer 11

YES

Question 12

Suppose you are trying to connect to an EC2 Instance. The request is timing out but you are not explicitly getting a “connection refused” error. What is a likely explanation?

Answer 12

You may need to check if your Security Group is allowing the incoming traffic