AWS Networking Essentials

Networking is how you connect computers around the world and allow them to communicate with one another

download Export

search_insights Statistics

stylus_note White Board

Quran

calculate Calculator

QUESTION OF

Views #: 384

Questions #: 50

Time: 10 minutes

Pass Score: 80.0%

Style

Step

List

Mode

Exam

Practice

AWS created ready-made VPCs to be used as defaults when creating a new EC2 instance

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

AWS default VPC allows internet access by default

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

In the digital world, computers handle the delivery of messages through ___________

Missing

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

In order to deliver a message to a computer we need an _______ address

volume_mute

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

An IPv4 address is a 32-bits IP address

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

The parts between the dots '.' in the following IPv4 address are called _______

192.168.1.30

Missing

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

CIDR Notation

In this CIDR, identify the fixed and flexible parts

192.168.1.0/24

Fixed (1)
Flexible (2)

drag and drop the selected option to the right place

192.168.1

192.168

192

168.1

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

How many IPs available in the following CIDR

volume_mute

192.168.1.0/24

256

65536

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

A VPC can contain only one subnet

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

To enable access to an EC2 instance, you need an internet gateway

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

An internet gateway does not have to be attached to a VPC in order to allow internet traffic to an EC2 instance inside the VPC

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

A virtual private gateway allows VPN connectivity between a on-premises data center systems and AWS resources over the public internet

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

AWS reserve some IPs. Map their definitions

IP address	Reserved for:
10.0.0.0	(1)
10.0.0.1	(2)
10.0.0.2	(3)
10.0.0.3	(4)
10.0.2.255	(5)

drag and drop the selected option to the right place

Network broadcast address

VPC local router

Future use

Network address

DNS server

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

An internet gateway is highly available and scalable

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

AWS Direct Connect is a dedicated network connection between your on-premises infrastructure and AWS bypassing the public internet

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

AWS Direct Connect vs AWS Virtual Private Gateway

volume_mute

A client wants to establish a secure private connection between on-premises systems and AWS cloud network. He does not want an expensive solution and wants it quickly with high security. Which option should he choose?

AWS Direct Connect

AWS Virtual Private Gateway

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Main route table

When you create a VPC, AWS creates a route table called the route table. A route table contains a set of rules, called , that are used to determine where network traffic is directed.

Please drag and drop the selected option in the right place or type it instead

main

minor

routes

rules

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Choose what applies to the main rout table

volume_mute

You cannot delete the main route table.

You cannot set a gateway route table as the main route table.

You can replace the main route table with a custom subnet route table.

You can add, remove, and modify routes in the main route table.

You can explicitly associate a subnet with the main route table, even if it's already implicitly associated.

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

The main route table is used implicitly by subnets that do not have an explicit route table association

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

You cannot overwrite the routes in the main route table for a specific subnet

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

A network access control list (network ACL) lets you control what kind of traffic is allowed to enter or leave your subnet

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

The default network ACL for a subnet allows all traffic in and out of the subnet

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

A network ACL is stateless

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

An EC2 instance allows by default all inbound and outbound traffic

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

You have to allow all outbound traffic in a security group in order for your web server to respond to inbound requests

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

You can associate a route table to

volume_mute

AWS accounts

Availability Zones

Subnets

Regions

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Which of the following is true for a security group's default setting?

volume_mute

It allows all inbound traffic and blocks all outbound traffic.

It blocks all inbound traffic and allows all outbound traffic.

It allows all inbound and outbound traffic.

It blocks all inbound and outbound traffic.

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

A network access control list (network ACL) filters traffic at the Amazon EC2 instance level.

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Which of the following best describes the purpose of a Bastion Host in AWS?

volume_mute

A Bastion Host is used to host a website that is accessible to the public

A Bastion Host is a server designed to securely access and manage resources in a private subnet within a VPC

A Bastion Host provides a way to connect directly to the AWS management console from any IP address

A Bastion Host is a database server that handles large volumes of data in a private subnet

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Which of the following steps must be taken to ensure that an EC2 instance can function as a NAT instance in an AWS VPC?

volume_mute

Assign an Elastic IP address to the NAT instance

Disable source/destination checking on the NAT instance

Launch the NAT instance in a private subnet

Attach a security group to the NAT instance that allows inbound traffic on port 22

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

A subnet cannot span multiple availability zones

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

An Internet gateway is attached to subnets

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Ingress routing is a special routing setup when you a route table is directly associated with an internet gateway

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

You cannot route traffic to a NAT gateway through a VPC peering connection, site-to-site VPN connection, or Direct Connect

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

If VPC A is peered with VPC B, and VPC B is peered with VPC C, then VPC A can communicate with VPC C

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

If you are peering VPC A with VPC B, then CIDR ranges for both of them must not overlap

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

What is the primary benefit of using AWS PrivateLink for accessing AWS services or third-party services?

volume_mute

Enables public internet access to AWS services

Reduces the need for complex security groups and NACLs

Provides a private connection to AWS services within your VPC without using public IPs

Increases the maximum bandwidth for data transfer between VPCs

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Is this setup correct as shown by the below figure?

volume_mute

VPC to Virtual Gateway. VPC 2 connects to Virtual Gateway hosted in VPC 1 where VPC 1 uses this Virtual Gateway — VPC to Virtual Private Gateway. VPC 2 connects to Virtual Private Gateway hosted in VPC 1 where VPC 1 uses this Virtual Private Gateway

Correct

Incorrect

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

AWS Direct Connect is restricted to one Region

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Direct Connect is a

volume_mute

global resource

regional resource

single sites availability resource

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

AWS Transit Gateway is a regional resource that resides outside a VPC

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

In the below figure, you can leverage the AWS Transit Gateway to allow VPC A and B to communicate with VPC C and D through the Direct Connect gateway

volume_mute

Direct Connect with Transit Gateway setup connecting multiple VPCs in same region

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Communication between VPCs in different regions could be possible if their regional transit gateways are peered

volume_mute

$transit gateway peering$

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Match AWS Transit Gateway key concepts to their definitions

To complete the line match

Click on an item in the first group
Click on the match in the second group

To delete a match, double click on a line

Concept

Association

Attachment

Propagation

Definition

The connection from Amazon VPC, a VPN, Direct Connect, or a connect attachment to a transit gateway

The route table used to route packets coming from an attachment (from Amazon VPC and VPN)

The route table where the attachment's routes are installed

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

In route table for a Transit Gateway, which route wins if there are multiple routes pointing to the same destination

Please drag and drop the options to sort them

Reorder to find out the right routing match

BGP-propagated routes from AWS Site-toSite VPN

BGP-propagated routes from Direct Connect gateway

Static route entries, including static site-to-site VPN routes

Most specific route (longest prefix match)

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Transit Gateways connects VPCs and on-premises network through a central hub

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Choose the Transit gateway attachment types

volume_mute

VPCs

VPN connections

Direct Connect gateways

Transit Gateway Connect attachments

Transit gateway peering connections

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

A Local Gateway (LGW) in AWS is a component designed to support hybrid cloud connectivity by enabling on-premises data centers to connect with AWS Outposts

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

There is exactly one local gateway per Outpost

volume_mute

True

False

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Classify AWS Gateways

drag and drop the selected option to the right place

note_alt Add notes

POINTS (1)

Correct Answer

Explanation

Professional Cloud