ANS-C01 • Mock Exam 80
Free ANS-C01 mock exam — 25 questions with explanations. Set 80. No signup required.
A network engineer analyzes a VPC Flow Log entry showing an ACCEPT for a TCP connection from 203.0.113.50 (internet) to 10.0.1.5 on port 443. The security group for the instance allows inbound HTTPS only from 10.0.0.0/16, and the NACL for the subnet has the rules shown. Why was the traffic accepted?
Refer to the exhibit. VPC Flow Logs entry: 2 123456789010 eni-12345678 10.0.1.5 203.0.113.50 443 38000 6 20 5000 1450670868 1450670868 ACCEPT OK And the following security group inbound rule: Type: Custom TCP, Protocol: TCP, Port Range: 443, Source: 10.0.0.0/16 And NACL inbound rule: Rule #100: Type: HTTP (80), Protocol: TCP, Port Range: 80, Source: 0.0.0.0/0, Allow Rule #120: Type: HTTPS (443), Protocol: TCP, Port Range: 443, Source: 10.0.0.0/16, Allow Rule #*: Type: All traffic, Protocol: All, Port Range: All, Source: 0.0.0.0/0, Deny