VPC Section Flashcards

1
Q

VPC Definition & Components

A

• VPC (Virtual Private Cloud): a private network in which to deploy your resources (regional resource)
• Subnets allow you to partition your network inside your VPC (Availability Zone resource)
• A public subnet is a subnet that is accessible from the internet
• A private subnet is a subnet that is not accessible from the internet
• To define access to the internet and between subnets, we use Route Tables

2
Q

Internet Gateway

A
• Helps our VPC instances connect with the internet
• Public Subnets have a route to the internet gateway

3
Q

NAT Gateways (AWS-managed) & NAT Instances (self-managed)

A

• Allow your instances in your Private Subnets to access the internet while remaining private

4
Q

NACL (Network ACL)

A
• A firewall which controls traffic to and from a subnet
• Can have ALLOW and DENY rules
• Are attached at the Subnet level
• Rules only include IP addresses
5
Q

Security Groups

A
• A firewall that controls traffic to and from an ENI / an EC2 Instance
• Can have only ALLOW rules
• Rules include IP addresses and other security groups
6
Q

Network ACLs vs Security Groups

A

Security Group
• Operates at instance level
• Supports allow rules only
• Is stateful: Return traffic is automatically allowed, regardless of any rules

NACL
• Operates at subnet level
• Supports allow/deny rules
• Is stateless: Return traffic must be explicitly allowed by rules

7
Q

VPC Flow Logs

A

Capture information about IP traffic going into your interfaces:
• VPC Flow Logs
• Subnet Flow Logs
• Elastic Network Interface Flow Logs

• Helps to monitor & troubleshoot connectivity issues.

8
Q

VPC Peering

A
• Connect two VPCs privately using AWS' network (same network behavior)
• Must not have overlapping CIDRs (IP address ranges)
• Not transitive
9
Q

VPC Endpoints

A

• Endpoints allow you to connect to AWS Services using a private network instead of the public internet
• This gives you enhanced security and lower latency when accessing AWS services
• VPC Endpoint Gateway: S3 & DynamoDB
• VPC Endpoint Interface: the rest

10
Q

Site to Site VPN

A
• Connect an on-premises VPN to AWS
• The connection is automatically encrypted
• Goes over the public internet
• On-premises: must use a Customer Gateway (CGW)
• AWS: must use a Virtual Private Gateway (VGW)
11
Q

Direct Connect (DX)

A
• Establish a physical connection between on-premises and AWS
• The connection is private, secure and fast
• Goes over a private network
• Takes at least a month to establish