AWS (EXTRA MODULE 5)

0.0(0)
studied byStudied by 0 people
GameKnowt Play
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/3

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

4 Terms

1
New cards

AWS Module 5 — VPC

Q — You launch a new Amazon VPC and create two subnets: one public and one private. You want your web server in the public subnet to be reachable form the internet, and your database in the private subnet to stay isolated. Which of the following configurations is required?

a) Attach an Internet Gateway to the VPC an update the public subnet’s route table to direct 0.0.0.0/0 to the IGW.
b) Assign a public IP address to the database in the private subnet.
c) Add a NAT Gateway to the private subnet for inbound traffic.
d) Allow all inbound traffic on both subnets.

a) Attach an Internet Gateway to the VPC an update the public subnet’s route table to direct 0.0.0.0/0 to the IGW.

2
New cards

AWS Module 5 — VPC

Q1 — You set up a VOC Peering connection between VPC-A and VPC-B, VPC-A also has a peering connection with VPC-C. However, instances in VPC-B cannot communicate with instances in in VPC-C. Whys is this happening?

a) The CIDR blocks of the VPCs overlap.
b) VPC Peering does not support transitive routing.
c) The peering connection must be created in the same Availability Zone.
d) Security Groups do not allow cross-VPC traffic.

b) VPC Peering does not support transitive routing.

3
New cards

AWS Module 5 — VPC

Q2 — An Enterprise has 10 VPCs and 2 on-premises networks that all need to communicate with each other. Which AWS service provides the simplest, scalable hub-and-spoke design for this architecture?

a) VPC Peering
b) Transit Gateway
c) Internet Gateway
d) NAT Gateway

b) Transit Gateway

4
New cards

AWS Module 5 — VPC Flow Logs

Q — You enable VPC Flow Logs on a subnet to monitor traffic. Later, you notice that some DNS queries to the Amazon-provided DNS server are missing from the flow log records. Why is this happening?

a) VPC Flow Logs only capture accepted traffic.
b) VPC Flow Logs only record traffic between EC2 instances.
c) Some types of traffic, like DNS queries to the Amazon DNS server, are not captured by Flow Logs.
d) The subnet route table was not updated with an Internet Gateway.

c) Some types of traffic, like DNS queries to the Amazon DNS server, are not captured by Flow Logs.