Networking

Question 1

What establishes boundaries around your AWS resources?

Answer 1

Amazon Virtual Private Cloud (VPC)

Question 2

How can public traffic get past your VPC?

Answer 2

Through an internet gateway

Question 3

How can your private traffic get past your VPC?

Answer 3

Through a virtual private gateway that connects your VPC with your internal corporate network.

Question 4

What does AWS Direct Connect do?

Answer 4

Reduces network costs
Increases bandwidth available for your network
Provides a dedicated connection between your data center directly to the VPC

Question 5

How do you isolate resources within a VPC for security or operational purposes?

Answer 5

Place them in a subnet. Subnets isolate databases containing customers’ personal information. Public subnets support customer-facing interfaces (e.g. your website)

Question 6

What is a Network access control list (ACL)?

Answer 6

A component of a VPC that checks packet permissions for access to subnets.
An ACL is a virtual firewall at the subnet level

Question 7

Is a network ACL stateless or stateful?

Answer 7

Network ACLs perform stateless packet filtering. They remember nothing. By default, they allow all inbound AND outbound traffic, but are configurable.

Question 8

What checks permissions at the instance level?

Answer 8

The security group. By default, a security group denies all inbound traffic and allows all outbound traffic.

Question 9

Are security groups stateless or stateful?

Answer 9

Security groups perform stateful packet filtering. They remember previous decisions made for incoming packets.

Question 10

What is Amazon Route 53?

Answer 10

A DNS (domain name service)
Route 53 directs traffic to your website, and can manage all your domain names in one place.

Question 11

What is DNS resolution?

Answer 11

Translating a domain name into an IP address