A Security Group in AWS acts as a virtual firewall, controlling inbound and outbound traffic at the instance level. It allows you to specify which traffic is permitted to reach your instances.

Security Groups are stateful, meaning they track the state of connections, while Network ACLs are stateless, treating each request independently. This fundamental difference affects how traffic is managed in a network.

Using both Network ACLs and Security Groups provides layered security by allowing multiple levels of filtering for inbound and outbound traffic, enhancing the overall security posture of the network.

A NAT Gateway is required for an EC2 instance in a private subnet to access the internet. It allows outbound internet traffic while keeping the instance secure from direct inbound traffic.

Removing an Internet Gateway from a VPC results in the loss of all public internet access. This means that instances in the VPC can no longer communicate with the internet, affecting any services relying on such connectivity.

Elastic IPs are designed to provide fixed, static IP addresses that can be associated with your cloud resources. This allows for consistent access to your services, even if the underlying infrastructure changes.

Deploying resources across multiple Availability Zones ensures high availability by distributing workloads. If one zone fails, resources in another zone can continue to operate, minimizing downtime.