{"id":8628,"date":"2020-01-11T07:59:15","date_gmt":"2020-01-11T07:59:15","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=8628"},"modified":"2021-11-15T05:59:59","modified_gmt":"2021-11-15T05:59:59","slug":"aws-interview-questions-and-answer-part-11","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/aws-interview-questions-and-answer-part-11\/","title":{"rendered":"AWS Interview Questions and Answer Part \u2013 11"},"content":{"rendered":"\n<p><strong>What kind of rules do Network Access Control Lists (NACLs) provide?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Outbound allow and deny rules<\/li><li>Inbound allow and deny rules<\/li><li>Inbound and outbound allow rules<\/li><li><strong>Inbound and outbound allow and deny rules (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>How can you make a VPC Peering connection highly available (HA)?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>You can pay more to purchase a highly available version of a VPC Peering connection<\/li><li>You can configure multiple VPC Peering connections between two VPCs for HA<\/li><li><strong>They are automatically highly available (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>Which are the most isolated &#8211; Regions or Availability Zones (AZ)?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Regions (Ans)<\/strong><\/li><li>Availability Zones<\/li><\/ul>\n\n\n\n<p><strong>Which of the following is true of Direct Connect?<\/strong><\/p>\n\n\n\n<p>A &#8211; It allows access to VPC resources using private IP addresses via a secure tunnel over the Internet<br> B &#8211; It allows access to VPC resources using private IP addresses but is not preferred over VPN tunnels<br><strong> C &#8211; It allows access to VPC resources using private IP addresses and is preferred over VPN tunnels (Ans)<\/strong><\/p>\n\n\n\n<p><strong>What was a major factor in the inception of Amazon Web Services?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>The ability to leverage Amazon&#8217;s existing web-scale infrastructure (Ans)<\/strong><\/li><li>The rise to popularity of the Docker container engine<\/li><li>A response to Microsoft Azure<\/li><\/ul>\n\n\n\n<p><strong>True or false, an ELB can be configured to accept incoming HTTPS connections and forward them internally as normal HTTP?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>True (Ans)<\/strong><\/li><li>False<\/li><\/ul>\n\n\n\n<p><strong>Which of the following is a valid subnet in a VPC with the following CIDR block &#8211; 192.168.0.0\/16?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>   192.0.1.0\/24<\/li><li> 10.0.0.0\/16<\/li><li><strong> &#8211; 192.168.1.0\/24 (Ans)<\/strong><\/li><\/ul>\n\n\n\n<ul class=\"wp-block-list\"><li> 10.0.0.0\/2 <\/li><\/ul>\n\n\n\n<p><strong>How do you create a Router in your VPC?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Using the AWS CLI tools<\/li><li><strong>A router is automatically created for your VPC (Ans)<\/strong><\/li><li>From the Router-Config page in the VPC console<\/li><\/ul>\n\n\n\n<p><strong>What AWS component is an Internet Gateway associated with?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li> Availability Zone<\/li><li>Subnet<\/li><li>Region<\/li><li><strong>VPC (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>At what level are Network ACLs applied?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>EC2 Instances<\/li><li>  VPCs<\/li><li>Availability Zones<\/li><li><strong>  Subnets (Ans<\/strong>)<\/li><\/ul>\n\n\n\n<p><strong>Which AWS resource is a VPC bound by?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>A single Region (Ans)<\/strong><\/li><li>A VPC can span all AWS resources<\/li><li>A single Availability Zone<\/li><li>A single Subnet<\/li><\/ul>\n\n\n\n<p><strong>How long does a VPC Peering request remain active?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>28 days<\/li><li><strong>7 days (Ans)<\/strong><\/li><li>1 hour<\/li><li>1 day<\/li><\/ul>\n\n\n\n<p><strong>Which protocol suite is used to encrypt most VPN tunnels?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Secure DNS<\/li><li>IPX\/SPX<\/li><li><strong>IPsec (Ans)<\/strong><\/li><li>NetBIOS<\/li><\/ul>\n\n\n\n<p><strong>What is the network portion of the following CIDR block &#8211; 10.0.0.0\/24?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>10.0<\/li><li>10<\/li><li>10.0.0.0<\/li><li><strong>10.0.0 (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>What form of address translation does the Amazon NAT AMI perform?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Port Address Translation (PAT) (Ans)<\/strong><\/li><li>Route Address Translation (RAT)<\/li><li>CIDR Address Translation (CAT)<\/li><li>Network Address Translation (NAT)<\/li><\/ul>\n\n\n\n<p><strong>Which of the following best describes an AWS Elastic Load Balancer?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>A service that balances incoming traffic across multiple instances and Regions<\/li><li>A service that balances incoming traffic across multiple instances in a single Availability Zone<\/li><li><strong>A service that balances incoming traffic across multiple instances and Availability Zones (Ans)<\/strong><\/li><li>A service that balances incoming traffic across multiple instances and VPCs<\/li><\/ul>\n\n\n\n<p><strong>What kind of Elastic Load Balancers can be created?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Only internal<\/li><li><strong>Internet facing and internal (Ans)<\/strong><\/li><li>Only Internet facing<\/li><\/ul>\n\n\n\n<p><strong>Which AWS VPC component is required to allow instances in a private subnet to communicate with the Internet?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>An Internet gateway in the private subnet<\/li><li>A NAT instance in the private subnet<\/li><li>An Internet gateway in the public subnet<\/li><li><strong>A NAT instance in the public subnet (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>Which of the following is true of the behavior of Security Groups?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Explicit deny rules are required to deny traffic<\/li><li>All traffic not explicitly denied is implicitly allowed<\/li><li><strong>Any traffic not explicitly allowed is implicitly denied (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>What is the major advantage of Elastic IPs over Public IPs?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Elastic IPs are publicly routable, Public IPs are not<\/li><li><strong>Elastic IPs belong to you and do not change when an instance reboots (Ans)<\/strong><\/li><li>Elastic IPs allow you to manually choose a particular address from the pool of Amazon addresses<\/li><\/ul>\n\n\n\n<p><strong>What is the acronym used in the AWS GUI to represent VPC Peering connection objects?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>PCX (Ans)<\/strong><\/li><li>VGW<\/li><li>PGW<\/li><li>IGW<\/li><\/ul>\n\n\n\n<p><strong>Which AWS technology is used to connect multiple VPCs so they can communicate using private IPs?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>VPC Peering (Ans)<\/strong><\/li><li>Direct Connect<\/li><li>Virtual Private Networks<\/li><li>Elastic Load Balancing<\/li><\/ul>\n\n\n<div class=\"epyt-gallery\" data-currpage=\"1\" id=\"epyt_gallery_68292\"><iframe loading=\"lazy\"  id=\"_ytid_15796\"  width=\"760\" height=\"427\"  data-origwidth=\"760\" data-origheight=\"427\" src=\"https:\/\/www.youtube.com\/embed\/?enablejsapi=1&#038;autoplay=0&#038;cc_load_policy=0&#038;cc_lang_pref=&#038;iv_load_policy=1&#038;loop=0&#038;rel=1&#038;fs=1&#038;playsinline=0&#038;autohide=2&#038;theme=dark&#038;color=red&#038;controls=1&#038;disablekb=0&#038;\" class=\"__youtube_prefs__  no-lazyload\" title=\"YouTube player\"  data-epytgalleryid=\"epyt_gallery_68292\"  allow=\"fullscreen; accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen data-no-lazy=\"1\" data-skipgform_ajax_framebjll=\"\"><\/iframe><div class=\"epyt-gallery-list\"><div>Sorry, there was a YouTube error.<\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>What kind of rules do Network Access Control Lists (NACLs) provide? Outbound allow and deny rules Inbound allow and deny rules Inbound and outbound allow rules Inbound and outbound allow&#8230; <\/p>\n","protected":false},"author":1,"featured_media":8710,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[5633],"tags":[],"class_list":["post-8628","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-aws"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/8628","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=8628"}],"version-history":[{"count":3,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/8628\/revisions"}],"predecessor-version":[{"id":25162,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/8628\/revisions\/25162"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media\/8710"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=8628"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=8628"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=8628"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}