Advanced Networking

Question 1

Q: What is Amazon VPC?

Answer 1

A: A service that allows you to launch AWS resources in a logically isolated virtual network.

Question 2

Q: What are subnets in a VPC?

Answer 2

A: Subdivisions of a VPC where resources are launched, which can be public, private, or dedicated.

Question 3

Q: What is a CIDR block in networking?

Answer 3

A: Classless Inter-Domain Routing (CIDR) defines the IP address range for a VPC or subnet (e.g., 10.0.0.0/16).

Question 4

Q: What is a route table in a VPC?

Answer 4

A: A set of rules (routes) that determines the flow of network traffic within a VPC.

Question 5

Q: What is an Internet Gateway in a VPC?

Answer 5

A: A gateway that allows instances in a VPC to connect to the internet.

Question 6

Q: What is a NAT Gateway?

Answer 6

A: A managed service that enables instances in a private subnet to access the internet while remaining inaccessible from the internet.

Question 7

Q: What is an Elastic IP address in AWS?

Answer 7

A: A static, public IPv4 address that can be assigned to resources in AWS for consistent external reachability.

Question 8

Q: What are VPC Endpoints?

Answer 8

A: Private connections that enable communication between VPC resources and AWS services without using the internet.

Question 9

Q: What is VPC Peering?

Answer 9

A: A connection between two VPCs to enable traffic routing between them using private IP addresses.

Question 10

Q: What is AWS Transit Gateway?

Answer 10

A: A service that acts as a hub to connect multiple VPCs and on-premises networks via a central point.

Question 11

Q: What is AWS Direct Connect?

Answer 11

A: A dedicated, private connection between your on-premises data center and AWS, offering high bandwidth and low latency.

Question 12

Q: What are VPN connections in AWS?

Answer 12

A: Secure connections between an on-premises network and AWS using IPsec tunnels.

Question 13

Q: What are NACLs in a VPC?

Answer 13

A: Stateless firewalls at the subnet level that control inbound and outbound traffic.

Question 14

Q: What are security groups in AWS?

Answer 14

A: Stateful firewalls that control inbound and outbound traffic for instances.

Question 15

Q: What is AWS Global Accelerator?

Answer 15

A: A service that improves the availability and performance of applications by routing traffic through AWS’s global network.

Question 16

Q: What are Elastic Load Balancers?

Answer 16

A: Services that distribute incoming traffic across multiple targets, such as EC2 instances, containers, and IP addresses.

Question 17

Q: What is AWS PrivateLink?

Answer 17

A: A service for creating private connectivity between VPCs and AWS services or third-party applications.

Question 18

Q: How is IPv6 supported in AWS?

Answer 18

A: IPv6 is natively supported for VPCs, subnets, and AWS services, providing global reachability without NAT.

Question 19

Q: What is AWS Wavelength?

Answer 19

A: A service that enables developers to deploy applications with ultra-low latency at the edge of 5G networks.

Question 20

Q: What are VPC Flow Logs?

Answer 20

A: Logs that capture information about IP traffic to and from network interfaces in a VPC.

Question 21

Q: What is an Elastic Network Interface?

Answer 21

A: A logical network interface that can be attached to EC2 instances in a VPC.

Question 22

Q: What is a Network Load Balancer?

Answer 22

A: A load balancer that handles millions of requests per second at ultra-low latency for TCP and UDP traffic.

Question 23

Q: What is cross-region VPC peering?

Answer 23

A: A peering connection that allows traffic between VPCs in different AWS Regions.

Question 24

Q: What is AWS App Mesh?

Answer 24

A: A service mesh that provides application-level networking to control and monitor communication between services.

Question 25

Q: What is VPC Sharing?

Answer 25

A: A feature that allows multiple AWS accounts to use subnets in a shared VPC for better resource management.

Question 26

Q: What is an egress-only internet gateway?

Answer 26

A: A gateway that allows outbound-only traffic from IPv6-enabled instances in a VPC.

Question 27

Q: What is traffic mirroring in AWS?

Answer 27

A: A feature that captures and inspects network traffic from ENIs for analysis or monitoring.

Question 28

Q: What is AWS Cloud WAN?

Answer 28

A: A managed WAN service that connects on-premises data centers, branch offices, and cloud resources.

Question 29

Q: What networking features support high availability in AWS?

Answer 29

A: Multi-AZ deployments, Elastic Load Balancers, Transit Gateways, and Cross-Region Replication.

Question 30

Q: How is DNS handled in AWS?

Answer 30

A: Using Amazon Route 53, a scalable Domain Name System for managing domain names and routing traffic.

Question 31

Q: What routing policies are supported in Route 53?

Answer 31

A: Simple, Weighted, Latency-Based, Failover, Geolocation, Geoproximity, and Multivalue Answer.

Question 32

Q: How does AWS Outposts handle networking?

Answer 32

A: By extending VPCs to on-premises environments and providing seamless integration with AWS services.

Question 33

Q: What are Jumbo Frames in AWS networking?
`

Answer 33

A: Frames with MTU of up to 9001 bytes, supported for enhanced data throughput in VPCs.

Question 34

Q: What is the difference between Transit Gateway and VPC Peering?

Answer 34

A: Transit Gateway acts as a central hub for many VPCs and on-premises networks, while VPC Peering establishes a direct connection between two VPCs.

Question 35

Q: How is cross-account networking managed in AWS?

Answer 35

A: Using resource-based policies, shared VPCs, and AWS PrivateLink.

Question 36

Q: What is AWS Network Access Analyzer?

Answer 36

A: A tool to identify and validate unintended network access paths in VPC configurations.

Question 37

Q: What is AWS Site-to-Site VPN?

Answer 37

A: A service that creates a secure IPsec tunnel between an on-premises network and an AWS VPC.

Question 38

Q: What is AWS Firewall Manager?

Answer 38

A: A service for managing firewall rules across multiple accounts and VPCs.

Question 39

Q: What is the difference between a NAT Gateway and a NAT Instance?

Answer 39

A: A NAT Gateway is a managed service, while a NAT Instance is a manually configured EC2 instance for routing traffic.

Question 40

Q: How do IPv4 and IPv6 differ in AWS networking?

Answer 40

A: IPv4 is widely used but limited in address space, while IPv6 provides a larger address space and supports direct internet access without NAT.