VPC 2

Question 1

Interface Endpoint

Answer 1

For Providing private access to AWS Public Services from private subnets

Question 2

Interface Endpoint HA

Answer 2

Are not HA. They run from inside subnets

Question 3

Interface Endpoint Security

Answer 3

Interface Endpoint Access is controlled on Security Group.

Security Groups are actually configured on ENI and not the Instance

Question 4

S3/DDB x Interface Endpoint

Answer 4

S3 now accessible over Endpoint Interface

Question 5

Interface Endpoint Protocol

Answer 5

TCP and ipv4

Question 6

Interface End-point

Answer 6

Interface Endpoints have DNS and Private IP Address

Question 7

Gateway End Point

Answer 7

Gateway EndPoint have an Issued DNS Name

Question 8

Gateway End Point Prefix List

Answer 8

A manifest containing all CIDR ranges associated with the gateway Endpoint resource. It is automatically added to the vpc’s Route table as pl-63ax5xx…

Question 9

VPC Peering

Answer 9

• Between ONLY Two VPCs in
  either
• The Same or different Accounts
  or
  *Works same/cross-region and same/cross-account

Question 10

VPC DNS Resolution

Answer 10

(optional) Public Hostnames resolve to private IPs

Question 11

Security Group Advantage of Paird VPC

Answer 11

Same region SG’s can reference peer SGs

Question 12

NACL Allows all connections by default

Question 13

STateful Vs Stateles

Answer 13

Stateful:
Allows every connection in to flow out via the same channel

Stateless:
Ingress and Egress need to be configured separately