Networking Flashcards
What principle should be used when setting NACLs and SGs?
Principle of Least Privilege: open only the ports that are absolutely required
Does VPC Support Multicast or Broadcast?
No
Describe Stateless and Stateful IP Connections
Stateful stores data and maintains a session (e.g. FTP and Telnet)
Stateless checks the data and acts on it, but doesn’t store it or maintain a session (e.g. Firewall, HTTP, DNS)
What are ephemeral ports?
Temporary connection ports, used for HTTPD, SSHD, FTPD, etc.
What is BGP?
Routing protocol for moving traffic between different AS networks (i.e. AWS, Google, ISP networks, etc.)
How are routes in a route table prioritised?
The most specific route is chosen
Is transit peering supported across VPCs?
No
What is transit peering? Does VPC Support it?
Transit peering is data moving from VPC-A to VPC-C without any direct peering request. It isn’t supported.
How are peering requests accepted?
They must be manually accepted via the console, then routes must be added for each VPC
What’s the difference between NAT Instances and NAT Gateways?
Gateways are a fully managed service; Instances are unmanaged EC2 instances that you have full control over. NAT Gateways are HA by default.
What is an Egress-Only GW?
A GW for allowing outbound IPv6 traffic only. It is stateful and prevents inbound IPv6 traffic.
What routing protocols does AWS support other than BGP?
None
What are the 2 ways of making Direct Connect redundant?
Cheap: Add a VPN Connection
Expensive: Add a second Direct Connect connection
What’s the difference between Horizontal and Vertical Scaling?
Horizontal is adding new resources, Vertical is increasing the capacity of existing resources
How are IGWs scaled? Are they redundant? Do they have bandwidth constraints?
IGWs are horizontally scaled
Yes, they’re redundant
No bandwidth constraints