VPC Basics Flashcards

1
Q

T or F: A VPC is created in an availability zone.

A

F

2
Q

What is a subnet?

A

A subnetwork of the VPC

3
Q

Can a subnet be in more than one Availability Zone?

A

No

4
Q

Can an availability zone have more than one subnet?

A

Yes, but that sounds like a bad idea

5
Q

Which IP addresses are reserved in a subnet CIDR?

A

First 4, then last one

6
Q

What is important about the first IP address of a subnet’s CIDR?

A

This is the IP of the network address that routes subnet traffic.

7
Q

What is the DHCP Options Set?

A

Configuration that applies to the VPC.

8
Q

What is the purpose of the VPC Router?

A

Routes traffic between subnets

9
Q

Why is the VPC router considered highly available?

A

It runs in all availability zones that the VPC operates in

10
Q

How is priority decided in a VPC route table?

A

The more specific the IP range, the higher the priority given to the route. In addition, anything “local”, i.e. within the VPC, is given the highest priority.

11
Q

What is an internet gateway used for?

A

Routes traffic between the VPC and the internet or the AWS public zone

12
Q

What is the bastion host used for?

A

The bastion host routes management traffic to access internal VPC resources

13
Q

True or false: A NACL controls traffic in and out of instances

A

False. A NACL controls traffic in and out of subnets

14
Q

Are connections within a subnet impacted by a NACL?

A

No

15
Q

Why does every connection need an inbound and outbound rule when using a NACL?

A

NACLs are stateless and don’t maintain anything about the connection

16
Q

What can a NACL reference?

A

IP addresses, ports, protocols. No logical resources.

17
Q

Can a single NACL be assigned to many subnets?

A

Yes, but a subnet can have only one NACL.

18
Q

If I need to reference an AWS resource, would I use a NACL or Security Group?

A

Security Group

19
Q

Are you able to explicitly deny traffic with Security Groups?

A

No, only allow.

20
Q

What is an elastic network interface (ENI)?

A

A logical virtual network card that can be configured and attached to an EC2 instance.

21
Q

What is a NAT Gateway used for?

A

Allows private IPv4 instances to access the public internet.