VPC Overview Flashcards

1
Q

What is a VPC?

A

A logically isolated section of the cloud

2
Q

True or false: You have complete control over the networking including IP addresses, creating subnets, and configuring route tables?

A

True

3
Q

True or false: you can create a hardware VPN connection between your corporate data center and your VPC, allowing you to leverage AWS cloud as an extension of your corporate data center?

A

True

4
Q

Which three internal private IP ranges does AWS support?

A
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
5
Q

What website can you use to help calculate the CIDR range you should use in your networks?

A

CIDR.xyz

6
Q

What is the default maximum number of VPCs you can have in a region?

A

5

7
Q

Can you increase the default number of VPCs in a region?

A

Yes, by opening a case with AWS

8
Q

If you require more IP addresses than your current VPC supports, how can you create more?

A

You have to create a new VPC, so plan ahead.

9
Q

Where do CIDR addresses get applied?

A

When you create a subnet

10
Q

Can a subnet span availability zones?

A

No. One subnet, one availability zone.

11
Q

Where are subnets applied?

A

Availability Zones

12
Q

Can you create more than one internet gateway in a VPC?

A

No, each VPC can be allocated one IG

13
Q

True or false: You should always plan for high availability with internet gateways by implementing at least two per VPC?

A

False: You can only attach one internet gateway per VPC. Internet gateways are an AWS managed service and have high availability built in.

14
Q

True or false: Like subnets, security groups are locked to one availability zone?

A

False: Security groups can span availability zones.

15
Q

True or false: With a custom VPC, you can launch instances into the subnet of your choice?

A

True

16
Q

True or false: With a custom VPC, you can assign custom IP address ranges in each subnet?

A

True

17
Q

True or false: With a custom VPC, you can configure route tables between subnets?

A

True

18
Q

True or false: With a custom VPC, you can attach an internet gateway to your VPC?

A

True

19
Q

True or false: With a custom VPC, you can have much better security control over your AWS resources?

A

True

20
Q

True or false: With a custom VPC, you can use instance security groups?

A

True

21
Q

True or false: With a custom VPC, you can use subnet access control lists?

A

True

22
Q

Can you block IP addresses with a subnet access control list?

A

Yes

23
Q

True or false: With the AWS default VPC, all instances require an internet gateway for access to the internet?

A

False: All subnets in a default VPC have a route to the internet.

24
Q

True or False: Instances in a default VPC have only a public IP address?

A

False: Instances in a default VPC have both a public and a private IP address

25
Q

True or false: Private subnets come with the default VPC?

A

False: To get private subnets in the default VPC you have to create them manually.

26
Q

When you deploy an EC2 instance to a custom VPC in a private subnet, will the EC2 instance be assigned a public and private IP address?

A

No, it will only be assigned a private IP address because it is in a private subnet.

27
Q

Can one VPC talk to another?

A

Yes, via VPC Peering

28
Q

What does VPC peering allow you to do?

A

Connect one VPC with another via a direct network route.

29
Q

Do VPC Peers use public or private IP addresses?

A

Private IP addresses

30
Q

With VPC peering, do instances behave as though on the same private network?

A

Yes. They will be allowed to communicate with each other.

31
Q

While you can peer VPCs in your AWS account, peering with other AWS accounts is not possible without a VPN connection?

A

False: You can peer with VPCs in another account without the need of VPNs or other services.

32
Q

What network topology (or configuration) do VPC peers follow?

A

Star topology (configuration).

33
Q

Does VPC peering support transitive peering?

A

No, only direct peering

34
Q

What is transitive peering?

A

The idea that if VPC - A has a VPC peer with VPC - B and VPC - C, then VPC - A can network with VPC - C through VPC - B.

35
Q

If VPC - A needs to peer to VPC - C through VPC - B, how can this be accomplished?

A

VPC - B would need a VPC peer with VPC - C

36
Q

Exam Tip - Should you think of a VPC as a logical datacenter in AWS?

A

Yes

37
Q

Exam Tip - What network assets do VPCs consist of?

A

Network access control lists
subnets
security groups.

38
Q

Exam Tip - How many availability zones can a subnet access?

A

One. Remember, one subnet per availability zone.

39
Q

Exam Tip - Are security groups stateful, or stateless?

A

Stateful

40
Q

Exam Tip - Are network access control lists stateful or stateless?

A

Stateless

41
Q

Exam Tip - Is transitive peering a thing?

A

No. To achieve that kind of scenario, you must create peering between peered VPCs.

42
Q

Is an availability zone in one account the same as an availability zone in another? In other words, if you select us-west-1a, and another AWS account selects us-west-1a, are they necessarily the same physical location?

A

No. AWS randomizes the availability zones for each account to ensure an equal distribution of resource allocation across their datacenters.

43
Q

You deployed a /24 CIDR block which includes 256 IP addresses. You notice only 251 are available to you. What’s going on?

A

The first 4 IP addresses and the last IP address are reserved by AWS.

44
Q

Which IP addresses are reserved by AWS?

A

x.x.x.0 = network IP address
x.x.x.1 = Reserved by the VPC router
x.x.x.2 = Reserved by AWS DNS
x.x.x.3 = Reserved by AWS
x.x.x.255 = Network broadcast address

45
Q

How many IP addresses will you lose when deploying a CIDR block?

A

5

46
Q

By default, are newly created internet gateways attached to the custom VPC?

A

No, they are detached. You have to attach it to a custom VPC.

47
Q

True or False: When you create a subnet, it is automatically associated with your main route table?

A

True

48
Q

As a security precaution, why should your main route table be private, without access to or from the internet?

A

Newly created subnets are automatically assigned to it, creating a possible security issue.