AWS Interview Questions and Answer Part – 11

What kind of rules do Network Access Control Lists (NACLs) provide?

• Outbound allow and deny rules
• Inbound allow and deny rules
• Inbound and outbound allow rules
• Inbound and outbound allow and deny rules (Ans)

How can you make a VPC Peering connection highly available (HA)?

• You can pay more to purchase a highly available version of a VPC Peering connection
• You can configure multiple VPC Peering connections between two VPCs for HA
• They are automatically highly available (Ans)

Which are the most isolated – Regions or Availability Zones (AZ)?

• Regions (Ans)
• Availability Zones

Which of the following is true of Direct Connect?

A – It allows access to VPC resources using private IP addresses via a secure tunnel over the Internet
B – It allows access to VPC resources using private IP addresses but is not preferred over VPN tunnels
C – It allows access to VPC resources using private IP addresses and is preferred over VPN tunnels (Ans)

What was a major factor in the inception of Amazon Web Services?

• The ability to leverage Amazon’s existing web-scale infrastructure (Ans)
• The rise to popularity of the Docker container engine
• A response to Microsoft Azure

True or false, an ELB can be configured to accept incoming HTTPS connections and forward them internally as normal HTTP?

• True (Ans)
• False

Which of the following is a valid subnet in a VPC with the following CIDR block – 192.168.0.0/16?

• 192.0.1.0/24
• 10.0.0.0/16
• – 192.168.1.0/24 (Ans)

• 10.0.0.0/2

How do you create a Router in your VPC?

• Using the AWS CLI tools
• A router is automatically created for your VPC (Ans)
• From the Router-Config page in the VPC console

What AWS component is an Internet Gateway associated with?

• Availability Zone
• Subnet
• Region
• VPC (Ans)

At what level are Network ACLs applied?

• EC2 Instances
• VPCs
• Availability Zones
• Subnets (Ans)

Which AWS resource is a VPC bound by?

• A single Region (Ans)
• A VPC can span all AWS resources
• A single Availability Zone
• A single Subnet

How long does a VPC Peering request remain active?

• 28 days
• 7 days (Ans)
• 1 hour
• 1 day

Which protocol suite is used to encrypt most VPN tunnels?

• Secure DNS
• IPX/SPX
• IPsec (Ans)
• NetBIOS

What is the network portion of the following CIDR block – 10.0.0.0/24?

• 10.0
• 10
• 10.0.0.0
• 10.0.0 (Ans)

What form of address translation does the Amazon NAT AMI perform?

• Port Address Translation (PAT) (Ans)
• Route Address Translation (RAT)
• CIDR Address Translation (CAT)
• Network Address Translation (NAT)

Which of the following best describes an AWS Elastic Load Balancer?

• A service that balances incoming traffic across multiple instances and Regions
• A service that balances incoming traffic across multiple instances in a single Availability Zone
• A service that balances incoming traffic across multiple instances and Availability Zones (Ans)
• A service that balances incoming traffic across multiple instances and VPCs

What kind of Elastic Load Balancers can be created?

• Only internal
• Internet facing and internal (Ans)
• Only Internet facing

Which AWS VPC component is required to allow instances in a private subnet to communicate with the Internet?

• An Internet gateway in the private subnet
• A NAT instance in the private subnet
• An Internet gateway in the public subnet
• A NAT instance in the public subnet (Ans)

Which of the following is true of the behavior of Security Groups?

• Explicit deny rules are required to deny traffic
• All traffic not explicitly denied is implicitly allowed
• Any traffic not explicitly allowed is implicitly denied (Ans)

What is the major advantage of Elastic IPs over Public IPs?

• Elastic IPs are publicly routable, Public IPs are not
• Elastic IPs belong to you and do not change when an instance reboots (Ans)
• Elastic IPs allow you to manually choose a particular address from the pool of Amazon addresses

What is the acronym used in the AWS GUI to represent VPC Peering connection objects?

• PCX (Ans)
• VGW
• PGW
• IGW

Which AWS technology is used to connect multiple VPCs so they can communicate using private IPs?

• VPC Peering (Ans)
• Direct Connect
• Virtual Private Networks
• Elastic Load Balancing

«

Prev

1

/

1

Next

»

AWS Solution Architect Certification Tutorials EC2 (Session-1) — By DevOpsSchool

AWS Solution Architect Certification Tutorials EC2 (Session-2) — By DevOpsSchool

AWS Solution Architect Certification Tutorials EC2 (Session-3) — By DevOpsSchool

AWS Solution Architect Certification Tutorials EC2 (Session-4) — By DevOpsSchool

AWS Solution Architect Certification Tutorials EC2 (Session-5) — By DevOpsSchool

AWS Solution Architect Certification Tutorials EC2 (Session-6) — by DevOpsSchool

AWS Solution Architect Certification Tutorials EC2 (Session-7) — by DevOpsSchool

«

Prev

1

/

1

Next

»

• Author
• Recent Posts

Follow me

Rajesh Kumar

Mentor for DevOps - DevSecOps - SRE - Cloud - Container & Micorservices at Software AG

Join my following certification courses...
- DevOps Certified Professionals (DCP)
- Site Reliability Engineering Certified Professionals (SRECP)
- Master in DevOps Engineering (MDE)
- DevSecOps Certified Professionals (DSOCP)
URL - https://www.devopsschool.com/certification/

My Linkedin - https://www.linkedin.com/in/rajeshkumarin

Follow me

Latest posts by Rajesh Kumar (see all)

• Apache Lucene Query Example - April 8, 2024
• Google Cloud: Step by Step Tutorials for setting up Multi-cluster Ingress (MCI) - April 7, 2024
• What is Multi-cluster Ingress (MCI) - April 7, 2024