You are currently experiencing an attack on your EC2 Instances located in a subnet. At the moment , the IT security department is to stop the attack. The default NACL’s have been setup on the subnet. Which of the following commands would you issue to mitigate the attack for the moment?

Answer options:

A.AWS ec2 delete-network-acl-entry
B.AWS ec2 create-network-acl-entry
C.AWS ec2 rename-network-acl-entry
D.AWS ec2 change-network-acl-entry

Answer - A
Since the default rules of the NACL is to allow all traffic , the best option first would be to delete the default rule from the NACL to block all traffic
An example of the command is shown below
aws ec2 delete-network-acl-entry --network-acl-id acl-5fb85d36 --ingress --rule-number 100
For more information on the command , please visit the below URL:
http://docs.aws.amazon.com/cli/latest/reference/ec2/delete-network-acl-entry.html