I'm currently studying for the CompTIA cloud exam and I can't seem to decide the best answer for the following question.
I know it will be either security groups or network ACLs but which one is better in this case and why?
A cloud architect is asked to isolate traffic between subnets in an IaaS. The networks still have to communicate with each other. Which one would you implement?
a. Configure security groups
d. Configure network ACLs.
The only possible solution is an ACL.
A security group is simply a collection of hosts or subnets. It in itself doesn't limit traffic.
But an ACL would block the traffic between the networks (at least that's my understanding of ACLs), and the question states that they still should be able to communicate...