CLF-C02 - Security and Compliance - Section 2.7
Describe AWS network security features and services, including security groups, network access control lists, AWS WAF and AWS Shield.
Describe the role of security groups as stateful, instance-level firewalls and network access control lists as stateless, subnet-level controls, and explain how the two layers work together. Distinguish AWS WAF, which filters malicious web traffic at the application layer, from AWS Shield, which provides DDoS protection at the network and transport layers.
Security groupsNetwork ACLsAWS WAFAWS Shield
More in this domain
Back to all Security and Compliance objectives, or the CLF-C02 cert hub.
Examworthy is not affiliated with or endorsed by Amazon Web Services. Original, blueprint-aligned practice material only.