Networking Basics

Question 1

Q: What is Amazon VPC?

Answer 1

A: Amazon Virtual Private Cloud (VPC) allows you to provision a logically isolated network for AWS resources.

Question 2

Q: What are subnets in AWS VPC?

Answer 2

A: Subnets are subdivisions of a VPC, used to segment the network and isolate resources. They can be public or private.

Question 3

Q: What is the difference between public and private subnets?

Answer 3

A: Public subnets have access to the internet via an Internet Gateway, while private subnets do not.

Question 4

Q: What is CIDR in AWS networking?

Answer 4

A: Classless Inter-Domain Routing (CIDR) defines IP address ranges for your VPC and subnets (e.g., 10.0.0.0/16).

Question 5

Q: What is an Internet Gateway in AWS?

Answer 5

A: A gateway that allows instances in a VPC to access the internet.

Question 6

Q: What is a NAT Gateway?

Answer 6

A: A managed service that enables instances in a private subnet to access the internet for outgoing requests.

Question 7

Q: What are route tables in a VPC?

Answer 7

A: Rules that determine how network traffic is directed within a VPC and to external networks.

Question 8

Q: What are security groups in AWS?

Answer 8

A: Virtual firewalls that control inbound and outbound traffic for resources like EC2 instances.

Question 9

Q: What are NACLs in AWS?

Answer 9

A: Stateless firewalls that control inbound and outbound traffic at the subnet level.

Question 10

Q: What is an Elastic IP address?

Answer 10

A: A static IPv4 address designed for dynamic cloud computing, assignable to AWS resources.

Question 11

Q: What is AWS Direct Connect?

Answer 11

A: A dedicated network connection between your on-premises data center and AWS.

Question 12

Q: What is AWS Transit Gateway?

Answer 12

A: A service that enables interconnecting multiple VPCs and on-premises networks through a single gateway.

Question 13

Q: What is a VPN Gateway?

Answer 13

A: A virtual gateway that connects a VPC to an on-premises network using a VPN connection.

Question 14

Q: What is VPC Peering?

Answer 14

A: A connection that allows traffic between two VPCs using private IPs.

Question 15

Q: What is AWS Global Accelerator?

Answer 15

A: A service that improves the performance of global applications by routing traffic through AWS’s global network.

Question 16

Q: What is an Elastic Load Balancer?

Answer 16

A: A managed service that distributes incoming application traffic across multiple targets, like EC2 instances or containers.

Question 17

Q: What is AWS WAF?

Answer 17

A: AWS Web Application Firewall is a service that protects applications from common web exploits and attacks.

Question 18

Q: What is a CDN, and which AWS service provides it?

Answer 18

A: A CDN delivers content with low latency to users worldwide. AWS provides this via Amazon CloudFront.

Question 19

Q: What is the difference between IPv4 and IPv6?

Answer 19

A: IPv4 uses 32-bit addresses, while IPv6 uses 128-bit addresses, providing a larger address space.

Question 20

Q: What is Amazon Route 53?

Answer 20

A: A scalable domain name system (DNS) service for domain registration, routing, and health checks.

Question 21

Q: What are VPC Flow Logs?

Answer 21

A: A feature that captures information about the IP traffic going to and from network interfaces in your VPC.

Question 22

Q: What is the difference between a NAT instance and a NAT Gateway?

Answer 22

A: A NAT instance is manually configured EC2, while a NAT Gateway is a fully managed service with better performance and scalability.

Question 23

Q: What are VPC endpoints?

Answer 23

A: Private connections between a VPC and AWS services without using the public internet.

Question 24

Q: What is an Interface Endpoint?

Answer 24

A: Private connections between a VPC and AWS services without using the public internet.

Question 25

Q: What is an Interface Endpoint?

Answer 25

A: A VPC endpoint that uses a private IP to connect to AWS services via Elastic Network Interfaces (ENIs).

Question 26

Q: What is a Gateway Endpoint?

Answer 26

A: A VPC endpoint that provides private access to S3 and DynamoDB.

Question 27

Q: What is an Elastic Network Interface?

Answer 27

A: A virtual network interface that can be attached to an instance in a VPC.

Question 28

Q: What is AWS Outposts?

Answer 28

A: A fully managed service that brings AWS infrastructure and services to your on-premises data center.

Question 29

Q: What is the role of BGP in AWS networking?

Answer 29

A: Border Gateway Protocol (BGP) is used to exchange routing information between AWS and on-premises networks.

Question 30

Q: What is traffic mirroring in AWS?

Answer 30

A: A feature that allows you to replicate network traffic from ENIs for monitoring and troubleshooting.

Question 31

Q: What is AWS PrivateLink?

Answer 31

A: A service that enables private connectivity between VPCs and supported AWS or SaaS services.

Question 32

Q: What are best practices for securing AWS networking?

Answer 32

A: Use least privilege with security groups, enable NACLs, implement VPC Flow Logs, and encrypt data in transit.

Question 33

Q: How do NACLs differ from security groups?

Answer 33

A: NACLs are stateless and operate at the subnet level, while security groups are stateful and operate at the instance level.

Question 34

Q: What is cross-region VPC peering?

Answer 34

A: A feature that allows you to connect VPCs in different AWS regions.

Question 35

Q: How do you ensure high availability in AWS networking?

Answer 35

A: Use multiple subnets across Availability Zones, load balancers, and Multi-AZ deployments.

Question 36

Q: What is a Network Load Balancer?

Answer 36

A: A load balancer designed to handle millions of requests per second at ultra-low latency.