Networking Flashcards

1

Q: Which solution will meet the requirement of allowing Amazon EC2 instances in a private subnet to access an Amazon S3 bucket without using the public internet?

A: Create a gateway VPC endpoint for Amazon S3. Configure the route table for the private subnet to use the gateway endpoint as the route for all S3 traffic.

2

Q: How should a solutions architect design a secure network architecture to allow communication between two VPCs in different AWS accounts?

A: Set up a VPC peering connection between the VPCs. Update the route tables of each VPC to use the VPC peering connection for inter-VPC communication.

3

Q: What should a solutions architect do to enable secure communication between an on-premises data center and resources in a VPC without exposing the on-premises network to the public internet?

A: Configure an AWS Direct Connect connection from the on-premises data center to the VPC.

4

Q: How should a solutions architect design a highly available and fault-tolerant network architecture for an application that requires internet access from instances in private subnets?

A: Deploy a NAT gateway in a public subnet. Modify the route table for the private subnets to use the NAT gateway as the default route for internet access.

5

Q: What should a solutions architect do to allow an Amazon EC2 instance in a private subnet to access an on-premises database securely without using the public internet?

A: Configure a VPC peering connection between the VPC and the on-premises network. Update the route tables accordingly to enable access from the private subnet.

6

Q: How should a solutions architect design a network architecture to connect multiple VPCs across AWS Regions in the most operationally efficient way?

A: Use AWS Transit Gateway to manage VPC communication in a single Region and enable Transit Gateway peering across Regions.

7

Q: What should a solutions architect do to ensure that network traffic between Amazon EC2 instances in a VPC and an external application does not traverse the public internet?

A: Create a VPC endpoint for the external service and update the route tables to route the traffic through the VPC endpoint.
