AWS Interview Questions and Answer Part – 12

Which of the following is true of Network ACLs?

• All rules are processed and order of processing is not important
• Rules are processed in strict numeric order (Ans)

Which of the following describes an AWS Internet Gateway?

• Non-scalable but redundant and highly available
• Horizontally scaled, redundant, highly available (Ans)
• Horizontally scaled but not redundant or highly available
• Vertically scaled, redundant, highly available

Which of the following represents a default route to an Internet Gateway called “igw-x”?

• 255.255.255.0 igw-x
• 0.0.0.0/0 igw-x (Ans)
• 255.255.255.255 igw.x
• 1.1.1.1/0 igw-x

What is the maximum number of rules in a Network ACL?

• 200
• 100
• 50
• 20 (Ans)

How can instances be assigned Public IPs?

• Only automatically via the “Auto-assign Public IP” setting of the subnet
• Manually when launched, or via the “Auto-assign Public IP” setting of the subnet (Ans) (Ans)
• Instances cannot be assigned Public IP addresses
• Only when initially launched

What are the three major AWS components that need configuring when building an AWS VPN?

• Customer Gateway, Virtual Private Gateway, Elastic Load Balancer
• Customer Gateway, Virtual Private Gateway, VPN Tunnel (Ans)
• Customer Gateway, Elastic Load Balancer, VPN Tunnel
• Customer Gateway, Internet Gateway, VPN Tunnel

Which of the following best describes Direct Connect?

• A dedicated private circuit from your infrastructure into an AWS Region via an approved 3rd party (Ans)
• A dedicated private circuit directly from your infrastructure into an AWS Region

Which of the following is true of the Amazon NAT AMI instance?

• It allows stateful replies (Ans)
• It allows stateless replies
• It allows outbound but not inbound packets
• It allows inbound but not outbound packets

AWS maintains a system baseline with what industry-standard?

• FedRAMP
• ISO 27001 (Ans)
• ISO 9001
• PCI DSS

What two features can be used to manage costs at AWS?

• Tagging and consolidated billing (Ans)
• Tagging and multiple accounts
• Multiple accounts and budget creation
• Tagging and the Cost Explorer

The CIA triad has three levels of impact when defining a security breach; list the three levels?

• Moderate, high, catastrophic
• Limited, moderate, high
• Low, medium, high
• Low, moderate, high (Ans)

What rules define a company’s compliance standards?

• Government rules and regulations
• Internal rules
• Industry regulations (Ans)
• AWS defined standards

What key data security feature is most valued when storing data in the cloud?

• Durability (Ans)
• Lifecycle management
• Encryption
• Cleansing

What is the default network operating model when launching an instance?

• VLAN
• Virtual private network
• Virtual private cloud (Ans)
• Classic networking

What is the term availability zone define when considering AWS components?

• A single data center in a safe geological zone
• Availability zones map to area codes
• An area in the world where Amazon services are offered
• Two or more data centers connected with high-speed links (Ans)

What to core services are utilized in every solution offered by AWS?

• Compute and networking
• Compute and storage (Ans)
• Networking and database services
• Storage and database services

How does a customer install AWS security tools?

• Security tools are hosted in the cloud. (Ans)
• Third-party solutions must be purchased and installed.
• Downloaded and installed from a public GITHUB repository.
• Opening a ticket and requesting access.

What two words define the concept of governance in the cloud?

• Security and performance
• Auditing and identity access
• Security and compliance
• Risk and complance (Ans)

Standardizing architecture at AWS can be best accomplished using what automation utility?

• Cloud Formation (Ans)
• AWS Beanstalk
• AWS CLI
• AWS Config

Monitoring acceptable performance at AWS can be carried out using what feature?

• Cloud Watch alarms (Ans)
• Monitoring tools bundled with instances
• Inspector and rules
• Custom cloud trails

Rajesh Kumar

I’m a DevOps/SRE/DevSecOps/Cloud Expert passionate about sharing knowledge and experiences. I have worked at Cotocus. I share tech blog at DevOps School, travel stories at Holiday Landmark, stock market tips at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at TrueReviewNow , and SEO strategies at Wizbrand.

Do you want to learn Quantum Computing?

Please find my social handles as below;

Rajesh Kumar Personal Website
Rajesh Kumar at YOUTUBE
Rajesh Kumar at INSTAGRAM
Rajesh Kumar at X
Rajesh Kumar at FACEBOOK
Rajesh Kumar at LINKEDIN
Rajesh Kumar at WIZBRAND

Rajesh Kumar DailyLogs