AWS Solutions Architect Associate Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Study for the AWS Solutions Architect Associate Test. Our comprehensive quiz offers multiple-choice questions that replicate the exam environment. Benefit from detailed explanations and hints. Prepare confidently for your AWS certification exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.


When creating a new security group in AWS, which of the following statements is true?

  1. All inbound traffic is allowed by default

  2. All outbound traffic is blocked by default

  3. All inbound traffic is blocked by default

  4. All types of traffic are allowed by default

The correct answer is: All inbound traffic is blocked by default

When a new security group is created in AWS, it is important to understand the default rules associated with it. By default, all inbound traffic is blocked. This means that unless specific inbound rules are configured to allow certain types of traffic, no incoming traffic will be permitted through the security group. This principle is a core part of AWS's security model, which emphasizes a least privilege approach. In contrast, outbound traffic is allowed by default, which means that by creating a new security group, the newly defined security group will permit instances associated with it to initiate outbound connections unless stated otherwise. This model allows flexibility for instances to communicate freely with external services while ensuring that incoming traffic is tightly controlled. Therefore, the correct answer highlights that a newly created security group will not accept inbound traffic unless rules are explicitly added to allow that traffic, establishing a secure starting point for users to define their network access according to their requirements and security policies.