A cloud administrator is deploying several Linux virtual machines into a new virtual private cloud (VPC). Before exposing the instances to users, the administrator must create and attach security groups. Which statement best describes the primary function that these security groups provide in a cloud environment?
They specify the encryption algorithms that must be used for data at rest in the cloud storage services.
They determine the geographical regions where the cloud provider is authorized to store data.
They are used to group user accounts into a single administrative unit for assigning permissions across multiple resources.
They define rules for controlling network traffic to and from resources within a cloud environment.
Security groups in cloud platforms act as virtual firewalls that inspect and filter both inbound and outbound network traffic to the associated resources. Administrators create rules that explicitly allow or deny traffic based on IP address ranges, port numbers, and protocols. Their role is network access control, whereas user account grouping, encryption policy definition, and data-residency selection are handled by other, separate cloud features.