10 - The Core Networking Services

Question 1

What is the primary function of networking in AWS?

Answer 1

Transporting data to and from AWS resources

Question 2

Name three core networking services offered by AWS.

Answer 2

• Virtual Private Cloud
• Route 53
• CloudFront

Question 3

What does Amazon Virtual Private Cloud (VPC) provide?

Answer 3

The network backbone for many AWS services

Question 4

What is a virtual private cloud?

Answer 4

A virtual network in the AWS cloud that’s logically isolated from other networks

Question 5

What is the CIDR of the default VPC in AWS?

Answer 5

172.31.0.0/16

Question 6

What does the ‘/16’ in a CIDR block refer to?

Answer 6

The size of the CIDR

Question 7

What must be defined for each subnet in a VPC?

Answer 7

A CIDR that is a subset of the VPC CIDR

Question 8

What is an Internet gateway in a VPC?

Answer 8

A resource that allows EC2 instances to obtain a public IP address and access the Internet

Question 9

What is a public subnet?

Answer 9

A subnet with a default route to an Internet gateway

Question 10

What is a security group in AWS?

Answer 10

A firewall that determines what network traffic can pass into and out of an instance

Question 11

True or False: By default, security groups contain inbound rules.

Answer 11

False

Question 12

What is a network access control list (NACL)?

Answer 12

A firewall that operates at the subnet level

Question 13

What does a VPC peering connection allow?

Answer 13

Private communication between two VPCs over the AWS private network

Question 14

What is a virtual private network (VPN) in AWS?

Answer 14

A secure connection that connects a VPC to an external network

Question 15

What encryption methods are used for VPN connections in AWS?

Answer 15

• AES 128-bit
• AES 256-bit

Question 16

What is Direct Connect in AWS?

Answer 16

Private network connectivity to your VPC and public services without using the Internet

Question 17

What is AWS Global Accelerator?

Answer 17

A service that provides anycast static IPv4 addresses to route traffic to resources in any region

Question 18

What is AWS Network Firewall?

Answer 18

A scalable firewall that protects multiple VPCs and subnets

Question 19

What does AWS Firewall Manager do?

Answer 19

Configures and applies a consistent set of security rules across AWS organizations

Question 20

What is the AWS Web Application Firewall (WAF) used for?

Answer 20

Monitoring HTTP and HTTPS requests to protect applications from common exploits

Question 21

What is Route 53?

Answer 21

Amazon’s global Domain Name System (DNS) service

Question 22

What is the process of translating a domain name to an IP address called?

Answer 22

Name resolution

Question 23

What are resource records in DNS?

Answer 23

Mappings for different types of data including IPv4 addresses, mail servers, etc.

Question 24

What is required to ensure no two entities use the same domain name?

Answer 24

Registration with a domain registrar

Question 25

True or False: Domain name registration and DNS hosting are the same function.

Answer 25

False

Question 26

What is the process to transfer a domain to Route 53?

Answer 26

Transferring a domain entails extending the registration by at least one year.

Question 27

What are the two distinct functions of domain name registration and DNS hosting?

Answer 27

Domain name registration gives control over the domain, while DNS hosting specifies the service for the domain.

Question 28

What does Route 53 provide as both a registrar and a DNS hosting provider?

Answer 28

Route 53 is both a registrar and a DNS hosting provider.

Question 29

What must you create to have Route 53 host the DNS for a public domain name?

Answer 29

You create a public hosted zone and specify the domain name.

Question 30

What is a private hosted zone in Route 53?

Answer 30

A private hosted zone provides DNS resolution for a single domain name within multiple VPCs.

Question 31

How can you define user-friendly domain names in a private hosted zone?

Answer 31

You can define a record in a private hosted zone that points to resource IP addresses.

Question 32

What is the default routing policy in Route 53?

Answer 32

The Simple routing policy.

Question 33

What does a Weighted routing policy do?

Answer 33

It distributes traffic across multiple resources according to a ratio.

Question 34

What is the purpose of a Latency routing policy?

Answer 34

To send users to resources in the AWS region that’s closest to them.

Question 35

What does a Failover routing policy accomplish?

Answer 35

Routes traffic to a primary resource unless it’s unavailable, then redirects to a secondary resource.

Question 36

What is the function of a Geolocation routing policy?

Answer 36

Routes users based on their specific continent, country, or state.

Question 37

What is a Multivalue Answer routing policy?

Answer 37

It allows even distribution of traffic across multiple resources and returns all records in random order.

Question 38

What can health checks monitor in Route 53?

Answer 38

An endpoint, a CloudWatch alarm, or another health check.

Question 39

How often do health checks occur in Route 53?

Answer 39

Every 10 seconds or 30 seconds.

Question 40

What is the purpose of an Endpoint health check?

Answer 40

To connect to the endpoint via HTTP, HTTPS, or TCP to monitor its reachability.

Question 41

What does a CloudWatch Alarm health check monitor?

Answer 41

The status of a CloudWatch alarm to determine resource health.

Question 42

What is a Calculated health check?

Answer 42

Monitors the status of other health checks.

Question 43

What is the benefit of using Route 53 Traffic Flow?

Answer 43

It simplifies complex routing scenarios by using a visual editor.

Question 44

What additional routing policy does Traffic Flow offer?

Answer 44

Geoproximity routing policy.

Question 45

What is Amazon CloudFront?

Answer 45

A content delivery network (CDN) that delivers static and dynamic web content faster.

Question 46

How does CloudFront improve content delivery?

Answer 46

By caching content in edge locations around the world.

Question 47

What are the two types of distributions in CloudFront?

Answer 47

* Web distribution * RTMP distribution

Question 48

What is required to set up a Web distribution in CloudFront?

Answer 48

You must specify an origin to act as the authoritative source for your content.

Question 49

What does a Real-Time Messaging Protocol (RTMP) distribution deliver?

Answer 49

Streaming video or audio content to end users.

Question 50

What are key components of a Virtual Private Cloud (VPC)?

Answer 50

* One subnet * Security groups * Network access control lists (NACLs) * Internet gateways

Question 51

What are the connection options available for resources in a VPC?

Answer 51

* Internet * Direct Connect * VPC peering * VPN connection

Question 52

What is the difference between a Route 53 public hosted zone and a private hosted zone?

Answer 52

A public hosted zone allows anyone on the Internet to resolve records, while a private hosted zone allows resolution only from resources within associated VPCs.

Question 53

How does CloudFront enhance the speed of content delivery?

Answer 53

By caching objects in edge locations and directing users to the best performing edge location.

Question 54

True or False: You can select individual edge locations in CloudFront.

Answer 54

False