Advanced VPC

Question 1

What do VPC Flow logs do?

Answer 1

Capture metadata travelling through a VPC

Question 2

What 3 capture points can be used with flow logs?

Answer 2

VPC -> Subnet -> ENI. Data is captured from capture point down.

Question 3

What is the main purpose of an Egress Only Internet Gateway?

Answer 3

Deny all inbound traffic to IPv6 addresses in a VPC

Question 4

VPC Gateway Endpoints provide private access to __ and ________

Answer 4

S3 and DynamoDB

Question 5

What controls what a VPC Gateway Endpoint can acccess?

Answer 5

An Endpoint policy.

Question 6

True or False: You can access S3 buckets in a different region than VPC using VPC Gateway Endpoints.

Answer 6

False

Question 7

What is a VPC Interface Endpoint used for?

Answer 7

Providing private access to AWS Public Services (not S3 DDB)

Question 8

At what level are VPC Interface endpoints attached?

Answer 8

The subnet level.

Question 9

__________ is a direct encrypted network link between EXACTLY two VPCs.

Answer 9

VPC peering

Question 10

True or False: VPC peering is transitive (e.g. A- >B, B->C => A->C)

Answer 10

False