Networking Flashcards

1
Q

What principle should be used when setting NACLs and SGs?

A

Principle of Least Privilege: leave only the absolutely required ports open

2
Q

Does VPC Support Multicast or Broadcast?

A

No

3
Q

Describe Stateless and Stateful IP Connections

A

Stateful: stores data and maintains a session (e.g. FTP and Telnet)
Stateless: checks the data and acts on it, but doesn't store it or maintain a session (e.g. Firewall, HTTP, DNS)

4
Q

What are ephemeral ports?

A

Temporary connection ports, used for HTTPD, SSHD, FTPD, etc

5
Q

What is BGP?

A

Routing protocol for moving traffic between different AS networks (e.g. AWS, Google, ISP networks, etc.)

6
Q

How are routes in a route table prioritised?

A

The most specific route is chosen

7
Q

Is transit peering supported across VPCs?

A

No

8
Q

What is transit peering? Does VPC Support it?

A

Transit peering is data moving from VPC-A to VPC-C without any direct peering request. It isn't supported.

9
Q

How are peering requests accepted?

A

They must be manually accepted via the console, then routes must be added for each VPC

10
Q

What's the difference between NAT Instances and NAT Gateways?

A

Gateways are a fully managed service; Instances are unmanaged EC2 instances that you have full control over. NAT Gateways are HA by default.

11
Q

What is an Egress-Only GW?

A

A GW that allows outbound IPv6 traffic only. It is stateful and prevents inbound IPv6 traffic.

12
Q

What routing protocols does AWS support other than BGP?

A

None

13
Q

What are the 2 ways of making Direct Connect redundant?

A

Cheap: Add a VPN Connection
Expensive: Add a second Direct Connect connection

14
Q

What’s the difference between Horizontal and Vertical Scaling?

A

Horizontal is adding new resources, Vertical is increasing the capacity of existing resources

15
Q

How are IGWs scaled? Are they redundant? Do they have bandwidth constraints?

A

IGWs are horizontally scaled
Yes, they're redundant
No bandwidth constraints

16
Q

Do NATs have bandwidth constraints?

A

Yes, they do

17
Q

Can VPCs have multiple NATs across AZs and subnets? If so, how and why?

A

Yes; routes must be defined properly. Useful for adding scale and redundancy.

18
Q

Explain Sticky Sessions

A

A feature of ALBs. Uses cookies to ensure a user/session goes to the same server within the ALB's target group.

19
Q

What are the 3 Load Balancer types and which OSI layer do they work on?

A

Application LB - Layer 7 / Application
Network LB - Layer 3 / Network
Classic LB - Layer 4 / TCP/IP

20
Q

Are Mesh or Hub & Spoke architectures supported?

A

Yes, with proper NACL and Routing setup