Round 1 Flashcards

- Introduction - Course Fundamentals and AWS Accounts - Cloud Computing Fundamentals

1
Q

What is the Account Root User?

A

The account root user has full control over an AWS account and every resource created within it. It cannot be restricted by IAM policies (the only thing that can limit a root user is a service control policy applied to a member account from an AWS Organization), so it should have MFA enabled, no access keys, and be used only for the few account-level tasks that require it.

2
Q

What is IAM and what is it’s purpose?

A

IAM (Identity and Access Management) is the identity provider (IdP) built into every AWS account.

Used to:
1 - Manage identities - users, groups and roles, which have policies attached to control their permissions.
2 - Authenticate - prove you are who you claim to be and become an "authenticated identity".
3 - Authorize - allow or deny an authenticated identity access to resources.

IAM identities start with no permissions in an AWS account (everything is implicitly denied) and can be granted permissions almost up to those held by the account root user; a few account-level tasks, such as closing the account, remain root-only.

3
Q

List 4 MFA Factors

A

Multi-factor authentication combines factors from different categories (a second password is not a second factor). Four common categories, among others:

KIPoL

  • Knowledge - something you know (password, PIN)
  • Inherent - something you are (fingerprint, face, voice, iris, etc.)
  • Possession - something you have (bank card, hardware token, MFA app on a phone)
  • Location - somewhere you are (a physical location, or which network you connect from, e.g. corporate LAN versus public Wi-Fi)
4
Q

What are the general steps to creating a new AWS account?

A

1 - Sign up with a unique email address (not one already tied to another AWS account)
2 - Enable MFA on the account root user
3 - Billing
a - Set billing preferences so that you receive billing emails and free-tier usage alerts
b - Add a CloudWatch billing ALARM to the account so unexpected spend is flagged
c - Enable IAM user and role access to billing information
4 - Set the account's alternate contacts (billing, operations, security)
5 - Create an IAM admin identity for day-to-day work and stop using the root user

5
Q

What is PoLP?

A

The principle of least privilege (PoLP) refers to an information security concept in which a user (or identity) is given the minimum levels of access – or permissions – needed to perform his/her job functions.

6
Q

Is IAM shared across AWS accounts?

A

No. Every AWS account has its own IAM database; users, groups, roles and policies created in one account are not visible in another (cross-account access is done by assuming a role in the other account). IAM is a global service rather than a regional one, and it is "globally resilient": its data is replicated across all AWS regions, so it keeps working even if a region fails.

7
Q

What is an IAM policy?

A

You manage access in AWS by creating policies and attaching them to IAM identities (users, groups of users, or roles) or AWS resources. A policy is an object in AWS that, when associated with an identity or resource, defines their permissions.
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
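Worked example (added here; not part of the original flashcards and not AWS code): a toy model of the rule IAM applies when it evaluates the policies attached to an identity. Only the core of the evaluation is modelled, namely that an explicit Deny beats an explicit Allow and that with no matching statement the request falls to the implicit Deny, plus the "*" and "?" wildcards IAM accepts in Action and Resource. The evaluate() function and the three sample policy documents (including the bucket name) are constructed for this example; real IAM also evaluates Condition blocks, NotAction/NotResource, resource-based policies, permission boundaries, SCPs and session policies, none of which is here.

```python
"""Toy model of how IAM decides an identity-based permissions request.

Added example, not code from the page or from AWS. It implements only the
core evaluation rule (an explicit Deny beats an explicit Allow, and with
no matching statement the request falls to the implicit Deny) plus the
'*' / '?' wildcards IAM accepts in Action and Resource.
"""
from fnmatch import fnmatchcase


def _as_list(value):
    # Action and Resource may be a single string or a list of strings.
    return value if isinstance(value, list) else [value]


def _matches(patterns, value, fold_case):
    # '*' matches any run of characters and '?' exactly one, as in IAM.
    # Action names are case-insensitive; ARNs are compared as written.
    patterns = _as_list(patterns)
    if fold_case:
        value = value.lower()
        patterns = [p.lower() for p in patterns]
    return any(fnmatchcase(value, p) for p in patterns)


def evaluate(policies, action, resource):
    """Return 'Allow' or 'Deny' for one (action, resource) request.

    `policies` is every identity-based policy attached to the caller,
    directly or via its groups. Order does not matter: a Deny anywhere wins.
    """
    decision = "Deny"  # implicit deny until some statement allows it
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            if not _matches(stmt["Action"], action, fold_case=True):
                continue
            if not _matches(stmt["Resource"], resource, fold_case=False):
                continue
            if stmt["Effect"] == "Deny":
                return "Deny"  # explicit deny: nothing can override it
            decision = "Allow"  # explicit allow, unless a later deny matches
    return decision


# Constructed sample policies (the bucket name is made up).
READ_ONLY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::training-bucket",
                     "arn:aws:s3:::training-bucket/*"],
    }],
}

S3_ADMIN = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}],
}

GUARDRAIL = {  # e.g. attached to a group every identity is in
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Deny", "Action": "s3:Delete*", "Resource": "*"}],
}

if __name__ == "__main__":
    obj = "arn:aws:s3:::training-bucket/notes.txt"
    print(evaluate([READ_ONLY], "s3:GetObject", obj))               # Allow
    print(evaluate([READ_ONLY], "s3:PutObject", obj))               # Deny (implicit)
    print(evaluate([S3_ADMIN, GUARDRAIL], "s3:DeleteObject", obj))  # Deny (explicit)
```

The third call is the point of the model: the S3 admin policy allows s3:* on everything, but the deny statement still wins regardless of which policy is attached first, which is what makes a deny-based guardrail reliable.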

8
Q

Give an example aws command to configure a new profile?

A

aws configure --profile training-general-iamadmin

This prompts for an access key ID, secret access key, default region and output format, and saves them as a named profile in ~/.aws/credentials and ~/.aws/config. The secret is stored in plain text, so protect that directory.

9
Q

Give an example aws command to list files in s3 bucket using a profile.

A

aws s3 ls --profile training-general-iamadmin

With no bucket given, this lists the buckets the profile can see. To list the objects in one bucket, name it:

aws s3 ls s3://bucket-name --profile training-general-iamadmin

10
Q

What is required for “Cloud Computing”

A

NIST (National Institute of Standards and Technology, SP 800-145) defines it by five essential characteristics:

1 - On-Demand Self-Service - provision and terminate resources through a UI/CLI/API without human interaction from the provider.
2 - Broad Network Access - access services over the network from any device, using standard protocols and methods.
3 - Resource Pooling - the provider's resources are pooled and served to many customers in a multi-tenant model, which gives economies of scale and a cheaper service.
4 - Rapid Elasticity - scale UP (OUT) and DOWN (IN) automatically in response to system load.
5 - Measured Service - usage is measured and you pay for what you consume.

https://learn.cantrill.io/courses/730712/lectures/14040936

OBRRM

11
Q

When speaking about Cloud Computing, what is “On-Demand Self-Service”?

A

“…you can provision capabilities as needed without requiring human interaction from the cloud provider”

12
Q

When speaking about Cloud Computing, what is “Broad Network Access”?

A

“Capabilities are available over the network and accessed through standard mechanisms…”

13
Q

When speaking about Cloud Computing, what is “Resource Pooling”?

A

a - There is a sense of location independence… no control or knowledge over exact location of the resources
b - …resources are pooled to serve multiple customers using a multi-tenant model

14
Q

When speaking about Cloud Computing, what is “Rapid Elasticity”?

A

a - Capabilities can be elastically provisioned and released to scale rapidly outward and inward with demand.
b - To the consumer, the capabilities available for provisioning often appear to be unlimited.

This is one of the most important aspects of cloud computing.

15
Q

When speaking about Cloud Computing, what is “Measured Service”?

A

“Resource usage can be monitored, controlled, reported, and billed”

16
Q

What is “Public Cloud”?

A

Using a single "cloud" platform that is available to the general public (AWS, Azure, Google Cloud).

17
Q

What is “Private Cloud”?

A

Using a single real "cloud" platform that is dedicated to one organization. The course treats it as running on-premises (AWS Outposts, Azure Stack, Google Anthos), although the NIST definition allows a private cloud to exist on or off premises. It still needs to meet the five essential characteristics of cloud computing to be considered "private cloud"; a traditional on-premises virtualization setup does not qualify.

18
Q

What is Multi-Cloud?

A

Using MORE THAN ONE “Public Cloud” vendor (AWS, Azure, Google)

19
Q

What is Hybrid Cloud?

A

Using both public cloud and private cloud offerings from ONE specific vendor, for example AWS together with AWS Outposts. Simply connecting a public cloud to an existing on-premises data center does not meet this definition.

20
Q

What is XaaS

A

"Anything as a Service": X stands in for whatever is delivered as a managed service (IaaS, PaaS, SaaS, etc.).

21
Q

What makes up an Infrastructure Stack (or Application Stack)?

A
Application
Data
Runtime
Container
OS
Virtualization
Servers
Infrastructure
Facilities

9 parts
ADRCOVSIF

22
Q

What is the difference between On-Premise, DC Hosted, IaaS, PaaS, SaaS, etc?

A

Each model differs in how much of the infrastructure stack you run and how much the vendor runs:

On-Premises - you own and run the whole stack, from facilities up to the application.
DC (Data Center) Hosted - you rent space in someone else's facilities; everything from infrastructure upward is still yours to run.
IaaS (Infrastructure as a Service) - the vendor runs facilities, infrastructure, servers and virtualization; you consume from the OS upward (EC2).
PaaS (Platform as a Service) - the vendor also runs the OS, container and runtime; you bring the application and its data (Heroku). This model is used mostly by developers.
SaaS (Software as a Service) - the vendor runs the whole stack and you consume the application (Netflix, Dropbox, Gmail).

AWS offers IaaS, PaaS, SaaS and more.

Whichever layers the vendor runs, configuration and access control for the layers you consume remain your responsibility.

https://learn.cantrill.io/courses/730712/lectures/14040947

23
Q

What does YAML stand for?

A

“YAML Ain’t Markup Language”

24
Q

What does JSON stand for?

A

JavaScript Object Notation

25
Q

What are the layers of the OSI 7 Layer Networking Model?

A
Layer 1 - Physical
Layer 2 - Data Link
Layer 3 - Network
Layer 4 - Transport
Layer 5 - Session
Layer 6 - Presentation
Layer 7 - Application

A layer ‘x’ device contains functionality for that layer and below. For example, a layer 3 device contains functionality from layers 1, 2, and 3.

26
Q

What are the physical mediums used in networking?

A

Copper (electrical), Fibre (light), and WiFi (Radio Frequency)

27
Q

Describe Layer 1 of a Network as defined by the OSI 7 Layer Networking Model.

A

Physical Layer

Defines the transmission and reception of RAW BIT STREAMS between a device and a SHARED physical medium. It defines things like voltage levels, timing, rates, distances, modulation, and connectors.

https://learn.cantrill.io/courses/730712/lectures/25094904

28
Q

What are the issues with a solely Layer 1 network? A hub?

A
  • Anything received on any port is transmitted out of every other port, including errors and collisions.
  • No device addressing: every device receives and processes all data, so any host on the hub can read every other host's traffic.
  • If multiple devices transmit at once, a collision occurs and both transmissions are corrupted.
  • L1 has no media (physical medium) access control and no collision detection.
29
Q

Describe Layer 2 of a Network as defined by the OSI 7 Layer Networking Model.

A

Data Link Layer

  • Uses layer 1 (the physical layer) to send the bits
  • Adds a unique hardware (MAC) address to each interface, so devices are identifiable
  • Controls access to the shared medium (CSMA)
  • Detects and mitigates collisions
  • Wraps data in frames: destination MAC, source MAC, payload and a checksum (FCS)

“The data link layer is one of the most important layers, and creates the foundational networking layer which supports Layer 3 IP .. which is how the internet functions.”

30
Q

What does MAC stand for and describe its format.

A

Media Access Control

48 bits (6 octets), written in hex as six pairs such as 3c:22:fb:1a:2b:3c. The first 24 bits are the OUI (Organizationally Unique Identifier) assigned to the manufacturer by the IEEE; the last 24 bits are assigned by the manufacturer to the individual interface. It is burned into the hardware but can be overridden in software, so a MAC address identifies a device without authenticating it.

31
Q

What is CSMA?

A

Carrier-sense multiple access is a MAC (media access control) protocol in which a node verifies the absence of other traffic before transmitting on a shared transmission medium, such as an electrical bus or a band of the electromagnetic spectrum. Ethernet uses CSMA/CD (collision detection); Wi-Fi uses CSMA/CA (collision avoidance).

32
Q

What make a switch unique?

A

It stores and forwards frames only to the port where the destination lives, instead of repeating them on every port like a hub. The switch starts with an empty MAC address table; when a frame arrives it records the frame's source MAC against the port it arrived on. A frame whose destination MAC is in the table is forwarded out of that one port; a frame whose destination is unknown (or a broadcast) is flooded out of every port except the one it arrived on. Each port is its own collision domain.
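Worked example for cards 30 and 32 (added here; not part of the original flashcards): a simulation of the learning behaviour described above, together with a parser that splits a MAC address into its 24-bit OUI and 24-bit device part. The Switch class, the port numbers and the MAC addresses are constructed for this example.

```python
"""Layer 2 learning switch and MAC address parsing (added example, not
code from the page). Models the card's description: learn the source MAC
per ingress port, forward known destinations out of one port, flood
unknown destinations and broadcasts out of every other port.
"""
BROADCAST = "ff:ff:ff:ff:ff:ff"


def parse_mac(mac):
    """Split a 48-bit MAC into its 24-bit OUI and 24-bit device part."""
    parts = mac.lower().split(":")
    if len(parts) != 6 or any(len(p) != 2 for p in parts):
        raise ValueError(f"malformed MAC address: {mac!r}")
    raw = bytes(int(p, 16) for p in parts)  # 6 octets = 48 bits
    return {
        "oui": raw[:3].hex(":"),        # manufacturer prefix assigned by IEEE
        "device": raw[3:].hex(":"),     # assigned by the manufacturer
        "unicast": not raw[0] & 0x01,   # I/G bit clear = a single interface
        "locally_administered": bool(raw[0] & 0x02),  # U/L bit: set in software
    }


class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # learned MAC -> port

    def receive(self, ingress, src, dst):
        """Process one frame; return the list of ports it is sent out of."""
        parse_mac(src)
        parse_mac(dst)                   # reject malformed addresses
        self.mac_table[src] = ingress    # learn (or refresh) where src lives
        if dst == BROADCAST or dst not in self.mac_table:
            # Broadcast or unknown unicast: flood out of every other port,
            # so every attached host sees the frame until dst is learned.
            return [p for p in self.ports if p != ingress]
        out = self.mac_table[dst]
        if out == ingress:
            return []  # src and dst share a segment; nothing to forward
        return [out]


def demo():
    """Three hosts on ports 1-3; returns where each constructed frame went."""
    sw = Switch([1, 2, 3])
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    first = sw.receive(1, a, b)   # b unknown: flooded to ports 2 and 3
    reply = sw.receive(2, b, a)   # a was learned from the first frame: port 1
    second = sw.receive(1, a, b)  # b now learned: port 2 only
    return first, reply, second


if __name__ == "__main__":
    print(demo())  # ([2, 3], [1], [2])
```

The first frame is the security-relevant one: until the switch has learned the destination, the frame is visible on every other port, exactly as it would be on a hub.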

33
Q

How many bits per byte

A

8

34
Q

What is an octet?

A

It’s a name used to describe 8 bits. This often is used in reference to describe one of the numbers in an IPv4 address.

35
Q

How many bits are there in an IP address?

A

An IPv4 address is 32 bits (4 octets); an IPv6 address is 128 bits.

36
Q

Pick a random number less than 256 and convert it to binary

A

https://www.rapidtables.com/convert/number/decimal-to-binary.html

Bit position:   1  |  2  |  3  |  4  |  5  |  6  |  7  |  8
Place value:   128 |  64 |  32 |  16 |  8  |  4  |  2  |  1

Set the bits whose place values add up to the number: 172 = 128 + 32 + 8 + 4, so 172 is 10101100.

37
Q

Pick a random 8 bit binary number and convert it to its decimal equivalent

A

https://www.rapidtables.com/convert/number/binary-to-decimal.html

Bit position:   1  |  2  |  3  |  4  |  5  |  6  |  7  |  8
Place value:   128 |  64 |  32 |  16 |  8  |  4  |  2  |  1

Add the place values of the set bits: 11000000 = 128 + 64 = 192.

38
Q

What protocol is generally used at L2 for local networks?

A

Ethernet

39
Q

What protocols are used for long distance point to point links?

A

PPP/MPLS/ATM

40
Q

What does IP stand for? Describe it.

A

Internet Protocol
There is v4 and v6 that are currently used. This is a L3 (layer 3) protocol. It defines the packet structure used to move data through the network.

https://learn.cantrill.io/courses/730712/lectures/25141550

41
Q

What is dotted decimal notation? What do the parts represent?

A

Four decimal numbers, each 0-255 (one per octet), separated by dots, e.g. 192.168.1.10, used to represent an IPv4 address.
The leading bits identify the network.
The remaining bits identify the host on that network; where the boundary falls is given by the subnet mask.

42
Q

What does DHCP stand for?

A

Dynamic Host Configuration Protocol

43
Q

What is a Subnet Mask?

A

A 32-bit mask (e.g. 255.255.255.0) that marks which bits of an IP address are the network part and which are the host part. A host ANDs its own address and the destination address with the mask: if the results match, the destination is on the local network and is reached directly at layer 2; otherwise the packet is sent to the default gateway (router).

44
Q

What is the prefix for the subnet mask 255.255.0.0?

A

It is a /16 prefix: the first 16 bits (2 octets) of the address identify the network, and the remaining 16 bits identify hosts, i.e. 65,536 addresses.

https://learn.cantrill.io/courses/730712/lectures/25141552

45
Q

What is ARP

A

Address Resolution Protocol: given an IP address on the local network, find the MAC address to put in the layer 2 frame.

46
Q

Describe Layer 3 of a Network as defined by the OSI 7 Layer Networking Model.

A

The network layer adds cross-network addressing (IP addresses). It allows packets to be routed across different layer 2 networks by encapsulating them in an L2 frame for each hop and making forwarding decisions using routes and route tables. It is layer 3 that allows the internet to function.

  • IP addresses - used for "cross network addressing"
  • ARP - find the MAC address for a given IP on the local network
  • Routes - where to forward packets to
  • Route tables - a collection of routes; the most specific matching route wins
  • Router - moves packets from SRC to DST, re-encapsulating them in a new L2 frame on each hop
  • Device <=> device communications over the internet
  • No channels of communication: SRC IP <=> DST IP only, no ports
  • Packets can be delivered out of order, or lost; this is resolved by L4 (TCP)
47
Q

Describe Layer 4 of a Network as defined by the OSI 7 Layer Networking Model.

A

Transport Layer. This layer adds ports (so many conversations can share one IP address) and, with TCP, also sequencing, error detection, retransmission, flow control and a connection-oriented architecture. TCP and UDP live at this layer; UDP provides only ports and a checksum, with none of TCP's connection guarantees.

48
Q

What name is used for temporary ports?

A

Ephemeral port.

49
Q

What is an ephemeral port?

A

Also called a "high port", it is a temporary source port chosen by the client's OS for the client side of a TCP (or UDP) conversation, from a range above the well-known ports (IANA suggests 49152-65535; Linux defaults to 32768-60999). Replies come back to that port, which is why a stateless filter must allow inbound traffic to the whole ephemeral range.

50
Q

What is a Network ACL?

A

Network Access Control List

In AWS, a Network ACL is a stateless firewall attached to a VPC subnet. Being stateless, it does not remember that an outbound request was sent, so each TCP connection needs two rules: one for the request in one direction and one for the reply (to the ephemeral port) in the other. Rules are numbered and evaluated from the lowest number up, the first match wins, and anything unmatched is denied. Security groups, by contrast, are stateful and do not need the return rule.
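Worked example (added here; not part of the original flashcards and not AWS code): a stateless rule evaluator with the ordering semantics described above, run over the two halves of one TCP connection. It shows an outbound-only rule set silently dropping the reply, and the corrected rule set that also allows inbound traffic to the ephemeral range. The rule format, the evaluate() and tcp_connection_allowed() functions and all addresses are constructed for this example.

```python
"""Stateless ACL evaluation (added example, not code from the page or from
AWS). Rules are numbered, evaluated lowest number first, the first match
decides, and anything unmatched hits the implicit deny. Because the ACL
keeps no connection state, the inbound reply of an outbound TCP
connection must be allowed by its own inbound rule.
"""
from ipaddress import ip_address, ip_network


def evaluate(rules, direction, proto, remote_ip, dst_port):
    """First matching rule wins; no match means 'deny'.

    Inbound rules match on the packet's source CIDR, outbound rules on its
    destination CIDR, so `remote_ip` is whichever end is not our host.
    `dst_port` is the destination port as written in that packet.
    """
    for rule in sorted(rules, key=lambda r: r["number"]):
        if rule["direction"] != direction:
            continue
        if rule["proto"] not in ("all", proto):
            continue
        if ip_address(remote_ip) not in ip_network(rule["cidr"]):
            continue
        lo, hi = rule["ports"]
        if not lo <= dst_port <= hi:
            continue
        return rule["action"]
    return "deny"  # the catch-all at the end of every stateless ACL


def tcp_connection_allowed(rules, remote_ip, remote_port, ephemeral_port):
    """Both halves of a client connection to remote_ip:remote_port must pass.

    Outbound: our SYN to remote_ip:remote_port.
    Inbound:  the SYN-ACK from remote_ip, addressed to our ephemeral port.
    Returns (allowed, outbound_verdict, inbound_verdict).
    """
    out = evaluate(rules, "outbound", "tcp", remote_ip, remote_port)
    back = evaluate(rules, "inbound", "tcp", remote_ip, ephemeral_port)
    return out == "allow" and back == "allow", out, back


def rule(number, direction, cidr, ports, action="allow", proto="tcp"):
    return {"number": number, "direction": direction, "proto": proto,
            "cidr": cidr, "ports": ports, "action": action}


# Weak rule set: only the outbound HTTPS request is allowed. The reply to
# the client's ephemeral port matches no inbound rule and is dropped.
OUTBOUND_ONLY = [rule(100, "outbound", "0.0.0.0/0", (443, 443))]

# Fixed rule set: an inbound rule for the ephemeral range lets replies in,
# and a lower-numbered deny blocks a known-bad range before that allow.
FIXED = OUTBOUND_ONLY + [
    rule(90, "inbound", "198.51.100.0/24", (0, 65535), action="deny", proto="all"),
    rule(100, "inbound", "0.0.0.0/0", (1024, 65535)),
]

if __name__ == "__main__":
    print(tcp_connection_allowed(OUTBOUND_ONLY, "203.0.113.10", 443, 51234))
    print(tcp_connection_allowed(FIXED, "203.0.113.10", 443, 51234))
```

Note the trade-off the fix introduces: allowing 1024-65535 inbound from anywhere also admits unsolicited packets to any high port, which is why a stateless ACL is normally paired with a stateful security group on the instance.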

51
Q

What is NAT?

A

Network Address Translation (NAT) is the process of adjusting packets' source and destination addresses to allow transit across different networks.

The main types you will encounter are Static NAT, Dynamic NAT and Port Address Translation (PAT).

NAT is most commonly experienced in home or office networks where private IPv4 addresses are translated to a single public address, allowing outgoing internet access.

This only makes sense with IPv4. It doesn’t make sense with IPv6 since it has so many more addresses available.

IPv6 does not require NAT.

https://learn.cantrill.io/courses/730712/lectures/25279341

52
Q

What is Static NAT?

A

One private address mapped to one fixed public address (1:1).

The router (the NAT device) keeps a NAT table mapping Private IP : Public IP (1:1). It rewrites the source address on the way out and the destination address on the way back in, so connections can be initiated from either side.

In AWS this is how the Internet Gateway (IGW) works for an instance with a public IPv4 address: the instance's OS only ever sees its private address.

53
Q

What is Dynamic NAT

A

One private address mapped to the first available public address.

The public IP is temporarily allocated from a public IP pool.

Only one private IP is mapped to a given public IP at any time; it is still 1:1 for the duration of the allocation.

If the public IP pool is exhausted, external access can and will fail for the hosts that could not get an address.

https://learn.cantrill.io/courses/730712/lectures/25279345

54
Q

What is PAT?

A

Port Address Translation - many private addresses to one public address. This is what most home networks do.

Allows a large number of private devices to share one public address: the NAT device rewrites the source port as well as the source address, and uses the port to tell the flows apart when replies come back.

In AWS, this is how the NAT Gateway (NATGW) functions.

55
Q

What is a disadvantage of using PAT?

A

Hosts outside cannot initiate a connection to an internal device: an unsolicited inbound packet arrives at the single public IP with no entry in the NAT table, so the NAT device has no private address and port to translate it to and drops it. (This is why an AWS NAT Gateway only supports outbound-initiated connections.)
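Worked example for cards 52 to 55 (added here; not part of the original flashcards and not AWS code): two small translation tables that contrast static NAT, which maps 1:1 and therefore works in both directions, with PAT, which allocates a public port per outbound flow and so has nothing to match an unsolicited inbound packet against. The StaticNat and Pat classes, the addresses and the ports are constructed for this example.

```python
"""Static NAT versus PAT (added example, not code from the page or from
AWS). Static NAT keeps a fixed 1:1 map that works in both directions; PAT
shares one public address by allocating a public port per outbound flow,
so an unsolicited inbound packet finds no entry and is dropped.
Each method returns the packet's (src_ip, src_port, dst_ip, dst_port)
after translation, or None when the packet is dropped.
"""


class StaticNat:
    """1:1 private <-> public mapping (how an IGW treats a public IPv4)."""

    def __init__(self, mappings):
        self.out = dict(mappings)                                   # private -> public
        self.back = {pub: priv for priv, pub in mappings.items()}   # public -> private

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        return (self.out[src_ip], src_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        # Any packet to a mapped public address is translated, even an
        # unsolicited one: inbound connections are possible.
        priv = self.back.get(dst_ip)
        if priv is None:
            return None
        return (src_ip, src_port, priv, dst_port)


class Pat:
    """Many private -> one public, distinguished by the translated source port."""

    def __init__(self, public_ip, first_port=1024, last_port=65535):
        self.public_ip = public_ip
        self.free_ports = iter(range(first_port, last_port + 1))
        self.table = {}    # (src_ip, src_port, dst_ip, dst_port) -> public port
        self.reverse = {}  # (public port, dst_ip, dst_port) -> (src_ip, src_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.table:
            try:
                pub_port = next(self.free_ports)
            except StopIteration:
                raise RuntimeError("public port pool exhausted") from None
            self.table[key] = pub_port
            self.reverse[(pub_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, self.table[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        # dst_ip is our public address; dst_port is the translated port.
        if dst_ip != self.public_ip:
            return None
        entry = self.reverse.get((dst_port, src_ip, src_port))
        if entry is None:
            return None  # no outbound flow created this mapping: drop it
        priv_ip, priv_port = entry
        return (src_ip, src_port, priv_ip, priv_port)


if __name__ == "__main__":
    pat = Pat("203.0.113.5")
    print(pat.outbound("192.168.1.10", 40000, "198.51.100.20", 443))
    print(pat.outbound("192.168.1.11", 40000, "198.51.100.20", 443))
    print(pat.inbound("198.51.100.20", 443, "203.0.113.5", 1024))
    print(pat.inbound("198.51.100.99", 12345, "203.0.113.5", 22))  # None: dropped
```

The two inside hosts both use source port 40000, which is why PAT has to rewrite the port and not just the address: the reply from the server carries only the public port, and that port is what selects the private host.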

56
Q

When was IPv4 standardized?

A

1981 in RFC791

57
Q

How many IP addresses are available in IPv4?

A

4,294,967,296 (2^32), about 4.29 billion; not all are usable, since several ranges are reserved.

58
Q

What is the “Class A” address space?

A

IPv4 address space ranging from 0.0.0.0 to 127.255.255.255

128 NETWORKS (0/8 and 127/8 are reserved, 127/8 for loopback)
16,777,216 IPs each

The first octet is used to identify the network.

In the early days, each network was assigned to a very large organization such as Apple, Ford, USPS or the military. Many have since given up these ranges, which are now allocated to the Regional Internet Registries (RIRs) for allocation to users in their region.

59
Q

What is the “Class B” address space?

A

IPv4 address space ranging from 128.0.0.0 to 191.255.255.255

16,384 NETWORKS
65,536 IPs each

The first two octets are used to identify the network.

In the early days these were allocated to large companies that did not need a "Class A" allocation. They are now generally allocated to the Regional Internet Registries, which manage them and allocate them to any organization that requests and can justify addresses in this range.

60
Q

What is the “Class C” address space?

A

IPv4 address space ranging from 192.0.0.0 to 223.255.255.255

2,097,152 NETWORKS
256 IPs each

The first three octets are used to identify the network.

In the early days these were allocated to smaller companies. They are now generally allocated to the Regional Internet Registries, which manage and allocate them.

61
Q

What is the “Class D” and “Class E” address space?

A

"Class D" (224.0.0.0 to 239.255.255.255) is used for multicast and "Class E" (240.0.0.0 to 255.255.255.255) is reserved.

62
Q

Describe the IPv4 Private Addressing range

A

It is defined by RFC 1918 and is not routed on the public internet:

  1. 10.0.0.0 - 10.255.255.255 (10.0.0.0/8, 1 x "Class A" network) - 16,777,216 IPv4 addresses
  2. 172.16.0.0 - 172.31.255.255 (172.16.0.0/12, 16 x "Class B" networks) - 16 x 65,536 IPv4 addresses
  3. 192.168.0.0 - 192.168.255.255 (192.168.0.0/16, 256 x "Class C" networks) - 256 x 256 IPv4 addresses

In AWS the default VPC uses 172.31.0.0/16, from the second range.

63
Q

How many IP addresses are available in IPv6?

A

About 3.4 x 10^38 (2^128), i.e. 340 undecillion.

64
Q

How does the prefix number correlate to a network size?

A

The larger the prefix value, the smaller the network: every extra prefix bit halves the number of host addresses.

65
Q

How do you create a subnet?

A

You split the range into two equal halves and increase the prefix by one: a /16 becomes two /17s, each with half the addresses. Splitting again gives four /18s, and so on.

https://learn.cantrill.io/courses/730712/lectures/26984984
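Worked example for cards 36, 37, 43, 44, 62 and 65 (added here; not part of the original flashcards): the IPv4 arithmetic behind those cards done with plain integers rather than a library, so the bit operations are visible. It converts octets to and from binary, builds a mask from a prefix and back, ANDs an address with the mask to find its network, makes the local-versus-gateway decision, checks the RFC 1918 ranges and halves a CIDR into two subnets. All function names and the sample addresses are constructed for this example.

```python
"""IPv4 address arithmetic from first principles (added example, not code
from the page). Covers octet <-> binary conversion, the network/host split
controlled by a subnet mask, the RFC 1918 ranges and splitting a range
into two subnets.
"""
RFC1918 = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]


def to_binary(n):
    """One octet as eight bits: 172 -> '10101100' (128 + 32 + 8 + 4)."""
    if not 0 <= n <= 255:
        raise ValueError("an octet holds 0..255")
    return format(n, "08b")


def from_binary(bits):
    """Eight bits back to decimal: '11000000' -> 192."""
    if len(bits) != 8 or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly eight 0/1 characters")
    return int(bits, 2)


def dotted_to_int(ip):
    """'10.16.0.5' -> the 32-bit integer the address really is."""
    octets = ip.split(".")
    if len(octets) != 4:
        raise ValueError(f"not dotted decimal: {ip!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {ip!r}")
        value = (value << 8) | n
    return value


def int_to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix):
    """/16 -> '255.255.0.0': `prefix` one-bits followed by zero-bits."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return int_to_dotted((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)


def mask_to_prefix(mask):
    """'255.255.0.0' -> 16; rejects masks whose one-bits are not contiguous."""
    bits = format(dotted_to_int(mask), "032b")
    if "01" in bits:
        raise ValueError(f"non-contiguous mask: {mask}")
    return bits.count("1")


def network_of(ip, prefix):
    """AND the address with the mask to keep only the network bits."""
    return int_to_dotted(dotted_to_int(ip) & dotted_to_int(prefix_to_mask(prefix)))


def is_local(my_ip, dst_ip, prefix):
    """The decision a host makes: same network -> deliver directly at L2,
    otherwise hand the packet to the default gateway."""
    return network_of(my_ip, prefix) == network_of(dst_ip, prefix)


def is_rfc1918(ip):
    return any(network_of(ip, prefix) == net for net, prefix in RFC1918)


def split(cidr):
    """Halve a range: '10.16.0.0/16' -> ['10.16.0.0/17', '10.16.128.0/17'].

    Each extra prefix bit halves the host space, which is why a larger
    prefix means a smaller network.
    """
    ip, prefix = cidr.split("/")
    prefix = int(prefix)
    if prefix >= 32:
        raise ValueError("a /32 is a single address and cannot be split")
    base = dotted_to_int(network_of(ip, prefix))
    new_prefix = prefix + 1
    upper = base + (1 << (32 - new_prefix))  # first address of the top half
    return [f"{int_to_dotted(base)}/{new_prefix}",
            f"{int_to_dotted(upper)}/{new_prefix}"]


if __name__ == "__main__":
    print(to_binary(172), from_binary("11000000"))        # 10101100 192
    print(prefix_to_mask(16), mask_to_prefix("255.255.0.0"))  # 255.255.0.0 16
    print(is_local("10.16.0.5", "10.17.0.1", 16))         # False: via gateway
    print(is_rfc1918("172.31.5.5"), is_rfc1918("172.32.0.1"))  # True False
    print(split("10.16.0.0/16"))
```

The 172.16.0.0/12 check is the one people get wrong by eye: 172.31.x.x is private but 172.32.x.x is not, and only the mask arithmetic makes that obvious.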

66
Q

What is DDoS

A

Distributed Denial of Service attacks aim to exhaust a target's capacity (bandwidth, connection state or application resources) so that legitimate users are denied service; they are effective against web applications of any size.

They are generally launched from networks of compromised machines known as botnets.

They come in three common types:

  • Application layer - HTTP floods: making huge numbers of expensive requests to HTTP endpoints; each request looks like normal traffic on its own.
  • Protocol attacks - SYN floods: abuse the TCP handshake by sending SYNs with spoofed source addresses, so the server holds state for half-open connections that never complete until its connection table fills.
  • Volumetric/amplification attacks - the botnet can be smaller because it exploits a protocol whose response is much larger than the request. The bots send small DNS queries to open resolvers with the source IP spoofed to the victim's address, so every resolver sends its large response to the victim and overwhelms it.

https://learn.cantrill.io/courses/730712/lectures/26952882

67
Q

What does SSL stand for?

A

Secure Sockets Layer

68
Q

What does TLS stand for?

A

Transport Layer Security. It is the successor to SSL; SSL 2.0 and 3.0 are deprecated, and "SSL" today is mostly a colloquial name for TLS.

69
Q

What are SSL and TLS used for?

A
Privacy and data integrity between client and server.
Provide:
- Privacy - communications are encrypted, so an observer on the path cannot read them
- Identity verification - the server (and optionally the client) proves its identity with a certificate
- Integrity - tampering with data in transit is detected
70
Q

What are the stages of setting up a TLS connection?

A

1 - Establish cipher suites - TLS begins with an established TCP connection. Client and server agree on how they will communicate, "the cipher suite" (key exchange, authentication, bulk cipher and hash algorithms).
2 - Authentication - the client checks that the server's certificate is valid, chains to a trusted CA and matches the hostname, verifying the server as legitimate.
3 - Key exchange - use the asymmetric step (RSA in older TLS, ephemeral (EC)DHE in TLS 1.3) to agree a shared symmetric session key, then switch to symmetric encryption for the data.