Your company has a set of Instances that host a web-based application in a subnet of a VPC. There are several similar types of requests coming from an IP address of 52.67.89.10. Your IT Security department has requested that all subsequent requests from this IP address should be blocked. How can you achieve this?

Answer options:

A.Create an Outbound rule for the Security Group for the EC2 Instances to ensure that no traffic goes to that IP.
B.Create an Inbound Rule for the NACL which will deny traffic coming from 52.67.89.10/0.
C.Create an Inbound Rule for the NACL which will deny traffic coming from 52.67.89.10/32.
D.Create an Outbound Rule for the NACL which will deny traffic coming from 52.67.89.10/32.

Correct Answer: C
Since the request is an Inbound request from an IP,it must be stopped at the subnet level. So here, you will add a rule to the Network Access control list.
Option A is incorrect because the rule needs to be added at the subnet level.
Option B is incorrect because this is an invalid CIDR range.
Option D is incorrect because it should be a rule for Inbound traffic.
For more information on Network ACLs, please refer to the below URL-
https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html