AWS Interview Questions and Answers Part – 12

Which of the following is true of Network ACLs?

  • All rules are processed and order of processing is not important
  • Rules are processed in strict numeric order (Ans)

Which of the following describes an AWS Internet Gateway?

  • Non-scalable but redundant and highly available
  • Horizontally scaled, redundant, highly available (Ans)
  • Horizontally scaled but not redundant or highly available
  • Vertically scaled, redundant, highly available

Which of the following represents a default route to an Internet Gateway called “igw-x”?

  • 255.255.255.0 igw-x
  • 0.0.0.0/0 igw-x (Ans)
  • 255.255.255.255 igw.x
  • 1.1.1.1/0 igw-x

What is the maximum number of rules in a Network ACL?

  • 200
  • 100
  • 50
  • 20 (Ans)

How can instances be assigned Public IPs?

  • Only automatically via the “Auto-assign Public IP” setting of the subnet
  • Manually when launched, or via the “Auto-assign Public IP” setting of the subnet (Ans)
  • Instances cannot be assigned Public IP addresses
  • Only when initially launched

What are the three major AWS components that need configuring when building an AWS VPN?

  • Customer Gateway, Virtual Private Gateway, Elastic Load Balancer
  • Customer Gateway, Virtual Private Gateway, VPN Tunnel (Ans)
  • Customer Gateway, Elastic Load Balancer, VPN Tunnel
  • Customer Gateway, Internet Gateway, VPN Tunnel

Which of the following best describes Direct Connect?

  • A dedicated private circuit from your infrastructure into an AWS Region via an approved 3rd party (Ans)
  • A dedicated private circuit directly from your infrastructure into an AWS Region

Which of the following is true of the Amazon NAT AMI instance?

  • It allows stateful replies (Ans)
  • It allows stateless replies
  • It allows outbound but not inbound packets
  • It allows inbound but not outbound packets

AWS maintains a system baseline with what industry standard?

  • FedRAMP
  • ISO 27001 (Ans)
  • ISO 9001
  • PCI DSS

What two features can be used to manage costs at AWS?

  • Tagging and consolidated billing (Ans)
  • Tagging and multiple accounts
  • Multiple accounts and budget creation
  • Tagging and the Cost Explorer

The CIA triad has three levels of impact when defining a security breach. What are the three levels?

  • Moderate, high, catastrophic
  • Limited, moderate, high
  • Low, medium, high
  • Low, moderate, high (Ans)

What rules define a company’s compliance standards?

  • Government rules and regulations
  • Internal rules
  • Industry regulations (Ans)
  • AWS defined standards

What key data security feature is most valued when storing data in the cloud?

  • Durability (Ans)
  • Lifecycle management
  • Encryption
  • Cleansing

What is the default network operating model when launching an instance?

  • VLAN
  • Virtual private network
  • Virtual private cloud (Ans)
  • Classic networking

What does the term availability zone define when considering AWS components?

  • A single data center in a safe geological zone
  • Availability zones map to area codes
  • An area in the world where Amazon services are offered
  • Two or more data centers connected with high-speed links (Ans)

What two core services are utilized in every solution offered by AWS?

  • Compute and networking
  • Compute and storage (Ans)
  • Networking and database services
  • Storage and database services

How does a customer install AWS security tools?

  • Security tools are hosted in the cloud. (Ans)
  • Third-party solutions must be purchased and installed.
  • Downloaded and installed from a public GitHub repository.
  • Opening a ticket and requesting access.

What two words define the concept of governance in the cloud?

  • Security and performance
  • Auditing and identity access
  • Security and compliance
  • Risk and compliance (Ans)

Standardizing architecture at AWS can be best accomplished using what automation utility?

  • CloudFormation (Ans)
  • AWS Beanstalk
  • AWS CLI
  • AWS Config

Monitoring acceptable performance at AWS can be carried out using what feature?

  • CloudWatch alarms (Ans)
  • Monitoring tools bundled with instances
  • Inspector and rules
  • Custom cloud trails
Rajesh Kumar