AWS-Module 4: Networking Flashcards

1
Q

What is Amazon Virtual Private Cloud (VPC)?

A

A VPC lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.

2
Q

The public and private groupings of resources are known as ________, and they are ranges of IP addresses in your VPC.

A

subnets

3
Q

What are subnets?

A

Subnets are chunks of IP addresses in your VPC that allow you to group resources together.

(A subnet is a section of a VPC that can contain resources such as Amazon EC2 instances.)

4
Q

_________ and networking rules control whether resources are publicly or privately available.

A

Subnets

5
Q

Subnets are divided into what two types?

A

Public and private subnets

6
Q

What is a public subnet?

A

A public subnet contains resources that need to be accessible by the public, such as an online store’s website.

7
Q

What is a private subnet?

A

A private subnet contains resources that should be accessible only through your private network, such as a database that contains customers’ personal information and order histories.

8
Q

In a _____, subnets can communicate with each other (regardless of whether they are private or public).

A

VPC

9
Q

To allow traffic from the public internet to flow into and out of your VPC, you must attach what is called an ______________ to your VPC.

A

internet gateway, or IGW (An internet gateway is like a doorway that is open to the public.)

10
Q

When you have internal resources that should stay private and be usable only by certain people, you need a virtual private gateway. It allows you to create a ________ connection between a private network, such as your on-premises data center or internal corporate network, and your VPC.

A

VPN

11
Q

What is AWS Direct Connect?

A

AWS Direct Connect is a service that lets you establish a dedicated private connection between your data center and a VPC.
The public subnets have access to the internet gateway; the private subnets do not, and vice versa.

12
Q

What is a packet?

A

A packet is a unit of data sent over the internet or a network.

13
Q

_________ are messages from the internet, and every _______ that crosses the subnet boundaries gets checked against something called a network access control list or network ACL.

A

Packets

14
Q

A _________ only gets to evaluate a packet if it crosses a subnet boundary, in or out. (It doesn’t evaluate whether a packet can reach a specific EC2 instance.)

A

network ACL

15
Q

___________ have their own security groups, and by default their security group doesn’t allow any traffic into the instance at all: all ports are blocked, and all IP addresses sending packets are blocked.

A

EC2 Instances

You can modify the instance’s security group to accept certain types of traffic in or out.

16
Q

A __________ is a virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance.

A

security group

17
Q

By default, a security group _______ all inbound traffic and allows all outbound traffic.

A

denies

18
Q

If you have multiple Amazon EC2 instances within the same VPC, you can associate them with the same _________ or use different ____________ for each instance.

A

security group

19
Q

Security groups perform ________ packet filtering. They remember previous decisions made for incoming packets.

A

stateful

20
Q

What does it mean to be a stateful security group?

A

It has some kind of memory when it comes to whom to allow in or out.

21
Q

The network ACL is _________, which remembers nothing and checks every single packet that crosses its border regardless of any circumstances.

A

The network ACL is stateless, which remembers nothing and checks every single packet that crosses its border regardless of any circumstances.

22
Q

What is the key difference between a security group and a network ACL?

A

The key difference between a security group and a network ACL is that the security group is stateful and the network ACL is stateless.

23
Q

What is a network ACL?

A

A network ACL is a virtual firewall that controls inbound and outbound traffic at the subnet level.

24
Q

By default, your account’s default network ACL allows ___________, but you can modify it by adding your own rules. For custom network ACLs, all inbound and outbound traffic is denied until you add rules to specify which traffic to allow.

A

all inbound and outbound traffic

25
Q

What is Route 53?

A

Route 53 is a DNS web service. It gives developers and businesses a reliable way to route end users to internet applications hosted in AWS.

It’s highly available and scalable.

26
Q

What is DNS?

A

DNS is a translation service: it translates website names into IP (Internet Protocol) addresses that computers can read.

27
Q

What can Route 53 do?

A

Route 53 can direct traffic to different endpoints using several different routing policies, such as latency-based routing, geolocation DNS, geoproximity, and weighted round robin. With geolocation DNS, for example, traffic is directed based on where the customer is located: traffic coming from, say, North America is routed to the Oregon Region, and traffic in Ireland is routed to the Dublin Region.

28
Q

Another feature of _________ is the ability to manage the DNS records for domain names. You can register new domain names directly in _________. You can also transfer DNS records for existing domain names managed by other domain registrars. This enables you to manage all of your domain names within a single location.

A

Route 53

29
Q

_________ helps speed up delivery of website assets to customers.

A

CloudFront

30
Q

What is a content delivery network, or CDN?

A

A CDN is a network that helps to deliver edge content to users based on their geographic location.

31
Q

What is DNS resolution?

A

DNS resolution is the process of translating a domain name to an IP address.

32
Q

Describe how Amazon Route 53 and Amazon CloudFront deliver content.

A

1. A customer requests data from the application by going to ACompany’s website.

2. Amazon Route 53 uses DNS resolution to identify ACompany.com’s corresponding IP address, 192.0.2.0. This information is sent back to the customer.

3. The customer’s request is sent to the nearest edge location through Amazon CloudFront.

4. Amazon CloudFront connects to the Application Load Balancer, which sends the incoming packet to an Amazon EC2 instance.