VPC

Question 1

what is an example of a netmask for vpc?

Answer 1

/24
/21

Question 2

what is the netmask of a micro vpc

Answer 2

/24

Question 3

what is the netmask of a small vpc

Answer 3

/21

Question 4

what is the netmask of a medium vpc

Answer 4

/19

Question 5

what is the netmask of a large vpc

Answer 5

/18

Question 6

what is the netmask of an extra large vpc

Answer 6

/16

Question 7

when determining VPC size what is necessary

Answer 7

How many subnets needed
How many total ips, and how many ip per subnet

Question 8

Controls whether resources created inside the VPC are provisioned on shared hardware or dedicated hardware

Answer 8

Tenancy

Question 9

Is DNS in a VPC provided by Route53?

Answer 9

Yes

Question 10

Can a subnet be in multiple AZ?

Answer 10

No

Question 11

Can an AZ have more than one subnet?

Answer 11

Yes

Question 12

Can subnets overlap with eachother?

Answer 12

No

Question 13

First IP in any subnet that is reserved (ex.10.16.16.0)

Answer 13

Networking Address

Question 14

IP that is reserved after the Networking Address used by the VPC router, the Second address in a subnet (ex.10.16.16.1)

Answer 14

Network +1 Address

Question 15

IP that is used for the DNS reservation, Third address in a subnet (ex.10.16.16.2)

Answer 15

Network +2 Address

Question 16

IP that is used for reserved for future use. (ex.10.16.16.3)

Answer 16

Network +3 address

Question 17

Ip that is used for broadcasting, Last IP in the subnet (ex.10.16.16.255)

Answer 17

Broadcast Address

Question 18

Control the DNS servers, domain names, or Network Time Protocol (NTP) servers used by the devices in your VPC or disables DNS resolution completely in your VPC

Answer 18

DHCP Options Set

Question 19

Can you edit the DHCP Options Set after applying?

Answer 19

No need to delete and create a new one

Question 20

How to make a subnet public?

Answer 20

Auto assign public IPv4 addresses

Question 21

Allows IPv4 private instances outgoing access to the internet

Answer 21

NAT

Question 22

How can an Internet Gateway (IGW) be configured to be highly available

Answer 22

Highly Available by Default

Question 23

Is /16 the max size of a VPC and /28 is the minimum size of a VPC?

Answer 23

Yes

Question 24

can Default VPC’s be recreated?

Answer 24

Yes

Question 25

Do you need an internet gateway per AZ

Answer 25

No

Question 26

Is IPv4 configured in the OS with the public IP address

Answer 26

No, with it’s private IP

Question 27

Are Bastion Host and Jumpbox the same thing?

Answer 27

Yes

Question 28

Instance in a public subnet within a vpc using to allow incoming management connection

Answer 28

Bastion Host

Question 29

Established connection between two devices using a random port on a client and known port on the server

Answer 29

TCP

Question 30

Doesn’t understand the state of connections, requires 1 inbound and 1 outbound rule

Answer 30

Stateless Firewall

Question 31

Can a request be inbound or outbound

Answer 31

Yes

Question 32

intelligent enough to identify the request and response components of a connection as being related

Answer 32

Stateful Firewall

Question 33

Allowing the request means that the response is allowed automatically

Answer 33

Stateful Firewall

Question 34

Every subnet has an associated NACL

Answer 34

True

Question 35

Contain rules grouped into inbound and outbound that controls traffic in and out of subnets

Answer 35

NACL

Question 36

Rules are processed in order, lowest rule number first

Answer 36

NACL

Question 37

Can NACL be assigned to AWS resources?

Answer 37

No only subnets

Question 38

Is NACL stateless or stateful

Answer 38

Stateless

Question 39

Are Security groups stateful or stateless

Answer 39

Stateful

Question 40

Are security groups attached to network interfaces

Answer 40

Yes

Question 41

process of remapping source ip’s and destination ips

Answer 41

Network Address Translation (NAT)

Question 42

Where does a NAT Gateway run from

Answer 42

Public Subnet

Question 43

NAT Gateway are an AZ resilent service, for region resilience NATGW needs to be in EACH AZ

Answer 43

True

Question 44

Can security groups be used with NAT Gateways

Answer 44

No only NACL