Networking

Question 1

What does VPC stand for?

Answer 1

Virtual Private Cloud

Question 2

What does VPC do?

Answer 2

Establishes a boundary around your AWS resources

Question 3

What is a subnet?

Answer 3

A subnet is a section of the VPC that you can use to group resources based on security or operational needs

Question 4

Can subnets be public or private?

Answer 4

Yes

Question 5

What is a packet?

Answer 5

A unit of data sent over the internet

Question 6

Name 2 security mechanisms to control traffic?

Answer 6

Network ACLs
Security Groups

Question 7

What is the difference between where Network ACLs and Security Groups operate?

Answer 7

Networks ACLs operate at the subnet level and Security Groups operate at the instance level

Question 8

Are Network ACLs and Security Groups stateful or stateless?

Answer 8

Network ACLs are stateless (require rules for in and out traffic)
Security Groups are stateful (default deny all traffic in and out by default)

Question 9

Default state for Security Group is …

Answer 9

Deny inbound traffic
Allow outbound traffic

Question 10

Describe the order of components from client -> instance

Answer 10

client -> internet -> internet gateway -> cloud -> internet gateway -> vpc -> subnet with instances

Question 11

AWS Direct Connect..

Answer 11

connection between your on-premises data center and a VPC

Question 12

Give an example of a public subnet?

Answer 12

Online store

Question 13

Give an example of a private subnet?

Answer 13

Database

Question 14

What is the default for network ACL?

Answer 14

Allow all traffic in and out (but you can modify by adding your own rules)

Question 15

Can you configure custom rules for network ACLs and security groups?

Answer 15

Yes

Question 16

What is Amazon 53?

Answer 16

route end users to internet apps hosted by aws (helping dns management)

Question 17

What is Domain Name System (DNS) resolution?

Answer 17

DNS resolution is the process of translating a domain name to an IP address

Question 18

What is used to access private resources in a VPC?

Answer 18

A virtual private gateway is used to access private resources in a VPC by creating a VPN

Question 19

Name 2 benefits of AWS Direct Connect

Answer 19

1. Helps reduce network costs
2. Increases the amount of bandwidth that can travel through your network

Question 20

What is the explicit deny rule Network ACLs have?

Answer 20

if a packet doesn’t match any of the other rules on the list, the packet is denied

Question 21

Name a “content delivery service that uses a network of edge locations to cache content and deliver content to customers all over the world”?

Answer 21

CloudFront

Question 22

How does CloudFront and Route 53 work together to deliver content?

Answer 22

Customer makes request ->
Route 53 uses DNS resolution to identify an IP address and sends this info back to the customer ->
Customer’s request sent to nearest edge location through CloudFront ->
CloudFront connects to the App Load Balancer which sends the incoming packet to an EC2 instance

Question 23

A private subnet is a section of a VPC which you can group resources that should only be accessed…

Answer 23

through your private network

Question 24

A security group is a…

Answer 24

“virtual firewall that controls traffic in and out of an EC2 INSTANCE”