Practice Test 2 | AWS Certified Cloud Practitioner | CLF-C01 | Dumps | Mock Test

Answer: C

• Option A is INCORRECT. Virtual Private Cloud (VPC) is a virtual network that lets us launch AWS resources in the defined virtual network.
• Option B is INCORRECT. Configure transitive VPC peering is invalid as this is not supported in AWS.
• Option C is CORRECT. NACLs can be configured to enhance the security at the subnet level.
• Option D is INCORRECT. Security Group acts as a virtual firewall by controlling the traffic both inbound and outbound. Security group acts at the instance level.

Reference:  

• https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html
• https://docs.aws.amazon.com/vpc/latest/peering/invalid-peering-configurations.html
• https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html
• https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html