VPC’s

Question 1

What is the method for allocating IP’s called?

Answer 1

Classless Inter-Domain Routing (CIDR)

Question 2

What defines how many bits can change in the IP?

Answer 2

A subnet mask

Question 3

What is the max number of VPC’s you can have in an AWS region?

Answer 3

5

Question 4

What is the max number of CIDR’s you can assign per VPC?

Answer 4

5

Question 5

AWS reserves ____ in each subnet.

Answer 5

5 IP addresses (first 4 & last 1)

Question 6

What allows resources in a VPC to connect to the internet?

Answer 6

An Internet Gateway (IGW)

Question 7

Internet gateways on their own do not allow Internet access, what also must be edited?

Answer 7

The route tables

Question 8

We can use __________ to SSH into our private EC2 instances

Answer 8

Bastion Host

Question 9

Where is the Bastion Host located?

Answer 9

The public subnet

Question 10

For a Bastion host, the security group MUST allow?

Answer 10

Access from the Internet on port 22 from a restricted CIDR

Question 11

What does NAT stand for?

Answer 11

Network Address Translation

Question 12

What allows EC2 instances in private subnets to connect to the Internet?

Answer 12

NAT Gateways

Question 13

Where must the NAT Instance be launched?

Answer 13

In a public subnet

Question 14

What setting must be disabled in NAT instance?

Answer 14

Source/destination check

Question 15

What must a NAT Instance have attached to it?

Answer 15

An Elastic IP

Question 16

Inside of a Nat Gateway, how must the route tables be configured?

Answer 16

For traffic to go from the private subnets to the NAT instance

Question 17

If you need to implement a VPC where you only want IPv6 instances to be able to connect out and receive responses then you should use what?

Answer 17

An Egress-Only internet Gateway

Question 18

Gateway endpoints provide a private-only resource inside a VPC or any resource inside a private-only VPC access to which services?

Answer 18

S3 and DynamoDB

Question 19

Gateway endpoints are highly available across _______________ in a region by default.

Answer 19

All Availability Zones

Question 20

Do Gateway endpoints go into a particular subnet?

Answer 20

No, it’s associated with a VPC but you just set which subnets are going to be used with it and it automatically configures the route on the route tables for those subnets.

Question 21

When you are implementing gateway endpoints, you can configure ________________, which allows you to control what things can be connected to that gateway endpoint?.

Answer 21

Endpoints Policy

Question 22

Gateway endpoints can only be used to access services within the same ____________

Answer 22

Region