Networking Flashcards
What is the difference between a Security Group and a Network ACL?
A Security Group is “stateful” while a Network ACL is “stateless”. Stateful means it remembers who was granted access on entry and therefore does NOT check again upon leaving (e.g. Doorman), while stateless means it does not remember and checks upon both entry and exit (e.g. Passport Control).
A Security Group manages traffic permissions for instances.
A Network ACL controls traffic permissions for the entire subnet.
What is a Virtual Private Cloud (VPC)?
A virtual private cloud (VPC) is a secure, isolated private cloud hosted within a public cloud. Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you’ve defined.
What is an Internet Gateway (IGW)?
An internet gateway is a connection between a VPC and the internet. You can think of an internet gateway as being similar to a doorway that customers use to enter the coffee shop. Without an internet gateway, no one can access the resources within your VPC.
What is a Virtual Private Gateway (VPG)?
A virtual private gateway allows access to your Virtual Private Cloud through a Virtual Private Network (VPN). It will block access from users not on the VPN (i.e. regular internet).
What is a Subnet?
A subnet is a section of a VPC in which you can group resources based on security or operational needs. Subnets can be public or private.
Public subnets contain resources that need to be accessible by the public, such as an online store’s website.
Private subnets contain resources that should be accessible only through your private network, such as a database that contains customers’ personal information and order histories.
What is a network access control list (Network ACL)?
A network access control list (ACL) is a virtual firewall that controls inbound and outbound traffic at the subnet level.
What is a security group?
A security group is a virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance.
What is the default setting for a Network ACL?
It is stateless and allows all inbound and outbound traffic.
What is Domain Name Service resolution?
Translating a domain name to an IP address. This allows a customer who enters Amazon.com into a web browser to access the website, which is hosted on the AWS Cloud.
What is Amazon Route 53?
Amazon Route 53 is a DNS web service. It gives developers and businesses a reliable way to route end users to internet applications hosted in AWS.
Amazon Route 53 connects user requests to infrastructure running in AWS (such as Amazon EC2 instances and load balancers). It can also route users to infrastructure outside of AWS.