VPC & Networking Flashcards

1
Q

What is VPC (Virtual Private Cloud)?

A

Private network to deploy your resources (regional resource)

2
Q

What is a subnet?

A

Allows you to partition your network inside your VPC (Availability Zone resource)

3
Q

What is a public subnet?

A

A subnet that is accessible from the internet

4
Q

What is a private subnet?

A

A subnet that is not accessible from the internet

5
Q

What are Route Tables?

A

Used to define access to the internet and between subnets

6
Q

What is an Internet Gateway?

A

Helps our VPC instances connect with the internet

7
Q

What do a NAT Gateway (AWS managed) and NAT Instances (self-managed) allow you to do?

A

Allow your instances in your private subnets to access the internet while remaining private

8
Q

What is NACL (Network ACL)?

A

A firewall which controls traffic from and to a subnet. Can have allow and deny rules. Attached to a subnet; rules only include IP addresses.

9
Q

What are security groups?

A

A firewall that controls traffic to and from an ENI / an EC2 instance. Can only have allow rules; rules include IP addresses and other security groups.

10
Q

What level is a NACL at?

A

Subnet level

11
Q

What level is a security group at?

A

Instance level

12
Q

What are VPC Flow Logs?

A

Captures information about IP traffic going to your instances. Helps to monitor and troubleshoot connectivity issues.

13
Q

Where does VPC Flow Logs data go?

A

S3 or CloudWatch Logs

14
Q

What is VPC Peering?

A

Connects two VPCs privately using AWS' network. Makes them behave as if they are on the same network. A VPC Peering connection is not transitive (it must be established for each pair of VPCs that need to communicate with one another).

15
Q

What are VPC Endpoints?

A

Endpoints allow you to connect to AWS services using a private network instead of the public internet. This gives you better security and lower latency.

16
Q

What 2 types of VPC Endpoints can you have?

A

  1. VPC Endpoint Gateway: S3 & DynamoDB
  2. VPC Endpoint Interface: the rest of the services

17
Q

What is Site to Site VPN?

A

Connects an on-premises VPN to AWS. The connection is automatically encrypted and goes over the public internet. Takes only a few minutes to set up.

18
Q

What is Direct Connect?

A

Establishes a physical connection between on-premises and AWS. The connection is private, secure, and fast. Goes over a private network and takes at least a month to establish.

19
Q

What is Transit Gateway?

A

Provides transitive peering between thousands of VPCs and on-premises networks in a hub-and-spoke (star) topology. A single gateway provides this functionality. Works with Direct Connect Gateway and VPN connections.

20
Q

Your private subnets need to connect to the Internet while still remaining private. Which AWS managed VPC component allows you to do this?

  1. NAT Instances
  2. Internet Gateway
  3. Security Groups
  4. NAT Gateways
A

NAT Gateway

21
Q

A public subnet is accessible from the Internet while a private subnet is not accessible from the Internet?

  1. Yes
  2. No, all subnets are accessible from the Internet
  3. No, all subnets are not accessible from the Internet
A

Yes

22
Q

Which type of firewall has both allow and deny rules and operates at the subnet level?

  1. Network Access Control List (NACL)
  2. Web Application Firewall (WAF)
  3. Security Groups
  4. GuardDuty
A

Network Access Control List (NACL)

23
Q

You would like to connect hundreds of VPCs and your on-premises data centers together. Which AWS service allows you to link all these together efficiently?

  1. Site-to-Site VPN
  2. Transit Gateway
  3. Internet Gateway
  4. Direct Connect
A

Transit Gateway

24
Q

A company needs two VPCs to communicate with each other. What can they use?

  1. VPC Endpoints
  2. AWS Direct Connect
  3. Internet Gateway
  4. VPC Peering
A

VPC Peering

25
Q

You need a logically isolated section of AWS, where you can launch AWS resources in a private network that you define. What should you use?

  1. Subnets
  2. Availability Zones
  3. A VPC
  4. NAT Instances
A

A VPC

26
Q

A company needs to have a private, secure, and fast connection between its on-premises data centers and AWS Cloud. Which connection should they use?

  1. AWS Connect
  2. Site-to-Site VPN
  3. VPC Peering
  4. AWS Direct Connect
A

AWS Direct Connect

27
Q

Your VPC needs to connect with the Internet. Which VPC component can help?

  1. NAT Gateways
  2. NAT Instances
  3. Network ACL
  4. Internet Gateway
A

Internet Gateway