Networking

Question 1

What does Amazon VPC stands for?

Answer 1

Amazon Virtual Private Cloud

Question 2

What is the abbreviation of Amazon Virtual Private Cloud?

Answer 2

Amazon VPC

Question 3

What is Amazon Virtual Private Cloud(Amazon VPC) used for?

Answer 3

To establish boundaries around your AWS resources

Question 4

What do you use to to establish boundaries around your AWS resources?

Answer 4

Amazon Virtual Private Cloud(Amazon VPC)

Question 5

How do you organize your resources in VPC?

Answer 5

With the help of subnets.

Question 6

What do you need to attach to your VPC to allow public traffic from the internet?

Answer 6

Internet Gateway

Question 7

What is Internet Gateway used for ?

Answer 7

You attach Internet Gateway to your VPC so you can allow public traffic from the internet

Question 8

What do you use to access private resources in your VPC?

Answer 8

Virtual Private Gateway

Question 9

What is Virtual Private Gateway used for?

Answer 9

To access private resources in your VPC

Question 10

What does virtual private gateway enable you to establish?

Answer 10

A corporate data center routes network traffic over a VPN connection to a virtual private gateway, which is attached to a VPC

A virtual private gateway enables you to establish a virtual private network (VPN) connection between your VPC and a private network, such as an on-premises data center or internal corporate network. A virtual private gateway allows traffic into the VPC only if it is coming from an approved network.

Question 11

What is AWS Direct Connect used for?

Answer 11

AWS Direct Connect (opens in a new tab) is a service that lets you to establish a dedicated private connection between your data center and a VPC.

Question 12

What service is used to establish a dedicated private connection between your data center and a VPC?

Answer 12

AWS Direct Connect

Question 13

What is a subnet?

Answer 13

A subnet is a section of a VPC in which you can group resources based on security or operational needs. Subnets can be public or private

Question 14

Which thing is a section of a VPC in which you can group resources based on security or operational needs. It can also be public or private?

Answer 14

Subnet/s

Question 15

What is a packet?

Answer 15

Unit of data sent over the internet or a network.

Question 16

What is called a unit of data that is sent over the internet or a network?

Answer 16

A packet.

Question 17

Through what a packet enters a VPC?

Answer 17

Internet Gateway

Question 18

What passes through a Internet Gateway?

Answer 18

A packet.

Question 19

What does the packet have to check for before entering or exiting a subnet ?

Answer 19

It checks for permissions.

Question 20

What is the VPC component that checks packet permissions for subnets?

Answer 20

Network Access Control Lists (ACL)

Question 21

What does Network Access Control Lists (ACL) check for?

Answer 21

It checks for packet permissions for a subnet.

Question 22

What is network ACL?

Answer 22

Virtual firewall that controls inbound and outbound traffic at the subnet level.

Question 23

It is a virtual firewall that controls inbound and outbound at the subnet level, how do we call that?

Answer 23

Network ACL

Question 24

By default your account’s default network ACL allows all inbound and outbound traffic, but you can modify it by adding your own rules ? (YES/NO)

Answer 24

Yes

Question 25

What kind of packet filtering do Network ACLs perform?

Answer 25

Stateless packet filtering

Question 26

What does stateless packet filtering mean for ACLs?

Answer 26

They remember nothing and check packets that cross the subnet border each way :inbound and outbound.

Question 27

After a packet has entered a subnet what does it need to have for the resources in that subnet?

Answer 27

Permission/s.

Question 28

What is the VPC component that checks for packet permissions ( such as for an Amazon EC2 instance) ?

Answer 28

Security group

Question 29

What is security group?

Answer 29

A VPC component that checks for packet permissions.

Question 30

By default, a security group denies all inbound traffic and allows all outbound traffic. You can add custom rules to configure which traffic should be allowed; any other traffic would then be denied. Yes or No?

Answer 30

Yes

Question 31

If you have multiple Amazon EC2 instances within the same VPC, you can associate them with the same security group or use different security groups for each instance. Yes or No?

Answer 31

Yes

Question 32

What kind of packet filtering do security groups perform?

Answer 32

Stateful packet filtering

Question 33

What does stateful packet filtering mean for security groups?

Answer 33

It means that they remember previous decisions made for incoming packets.

Question 34

Which statement best describes an AWS account’s default network access control list?

It is stateless and denies all inbound and outbound traffic.
It is stateful and allows all inbound and outbound traffic.
It is stateless and allows all inbound and outbound traffic.
It is stateful and denies all inbound and outbound traffic.

Answer 34

It is stateless and allows all inbound and outbound traffic.

Question 35

What is Amazon Route 53?

Answer 35

Amazon’s DNS

Question 36

Can you use Amazon Route 53 to register domain names?

Answer 36

Yes

Question 37

Can you also transfer DNS records for existing domain names managed by other domain registrars in Amazon Route 53?

Answer 37

Yes

Question 38

Which statement best describes DNS resolution?

Launching resources in a virtual network that you define
Storing local copies of content at edge locations around the world
Connecting a VPC to the internet
Translating a domain name to an IP address

Answer 38

Translating a domain name to an IP address

Question 39

Your company has an application that uses Amazon EC2 instances to run the customer-facing website and Amazon RDS database instances to store customers’ personal information. How should the developer configure the VPC according to best practices?

Place the Amazon EC2 instances in a private subnet and the Amazon RDS database instances in a public subnet.
Place the Amazon EC2 instances in a public subnet and the Amazon RDS database instances in a private subnet.
Place the Amazon EC2 instances and the Amazon RDS database instances in a public subnet.
Place the Amazon EC2 instances and the Amazon RDS database instances in a private subnet.

Answer 39

Place the Amazon EC2 instances in a public subnet and the Amazon RDS database instances in a private subnet.

Question 40

Which component can be used to establish a private dedicated connection between your company’s data center and AWS?

Private subnet
DNS
AWS Direct Connect
Virtual private gateway

Answer 40

AWS Direct Connect

Question 41

Which statement best describes security groups?

They are stateful and deny all inbound traffic by default.
They are stateful and allow all inbound traffic by default.
They are stateless and deny all inbound traffic by default.
They are stateless and allow all inbound traffic by default.

Answer 41

They are stateful and deny all inbound traffic by default.

Question 42

Which component is used to connect a VPC to the internet?

Public subnet
Edge location
Security group
Internet gateway

Answer 42

Internet gateway

Question 43

Which service is used to manage the DNS records for domain names?

Amazon Virtual Private Cloud
AWS Direct Connect
Amazon CloudFront
Amazon Route 53

Answer 43

Amazon Route 53