Quiz - Chapter 9 - VPC Overview Flashcards

1
Q

How do you scale a NAT Gateway?

A

You don’t. AWS handles this for you.

AWS handles scaling for you

2
Q

Which of the following items are NOT a part of a VPC?

A

Service Gateway

3
Q

By default, what range of IP addresses and ports do security groups leave open for inbound traffic?

A

No inbound ports are open by default

4
Q

Where does a subnet live?

A

Subnets live inside an AZ

5
Q

Your security team will only approve S3 usage if your EC2 instances don’t transmit data over the public internet. What service can you use to comply with this requirement?

A

VPC Endpoints are used to keep your traffic to AWS services out of public networking space.

6
Q

Why would you use Transit Gateway over VPC peering?

A

Transit Gateway is designed for when you have too many VPCs to peer together.

7
Q

Fill in the blank: Network Access Control Lists (NACLs) are ____.

A

NACLs are stateless

8
Q

Fill in the blank: Security groups are ____.

A

Security groups are stateful

9
Q

What is the IPv4 CIDR block of the default VPC?

A

172.31.0.0/16 is the IPv4 CIDR block for the Default VPC provided by AWS out of the box

10
Q

What is the safest way to open up a single API endpoint to another AWS VPC?

A

Use PrivateLink to securely share out your API
