Subnets
What is a virtual network interface that can include the following attributes:
a primary private IPv4 address
one or more secondary private IPv4 addresses
one Elastic IP address per private IPv4 address
one public IPv4 address, which can be auto-assigned to the network interface for eth0 when you launch an instance
one or more IPv6 addresses
one or more security groups
a MAC address
a source/destination check flag
a description
Elastic Network Interface (ENI)
How many Security groups per network interface can you create by default?
5 (soft limit) maximum of 16.
True or False:
The default network ACL is configured to allow all traffic to flow in and out of the subnets with which it is associated
True
________is an object storage service that offers industry-leading scalability, data availability, security, and performance.
Amazon S3
________ is a cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS.
AWS Direct Connect (DX)
This specifies the allowed routes for outbound traffic leaving the subnet.
Route Table
True or False:
You can specify allow rules, but not deny rules.
True
Each subnet in your VPC must be associated with a network ACL. If you don't explicitly associate a subnet with a network ACL, the subnet is automatically associated with " "
The Default NACL
_________provides persistent block storage volumes for use with Amazon EC2 instances in the AWS Cloud.
Elastic Block Storage
AWS VPN is comprised of what two services?
AWS Site-to-Site VPN and AWS Client VPN
For security purposes, by design, each subnet must be associated with a " "
NACL
If you send a request from your instance, the response traffic for that request is allowed to flow in regardless of inbound security group rules. Responses to allowed inbound traffic are allowed to flow out, regardless of outbound rules. What term is used to describe this behavior?
Stateful
Network ACLs are _________; responses to allowed inbound traffic are subject to the rules for outbound traffic (and vice versa).
Stateless
________provides a fully managed native Microsoft Windows file system so you can easily move your Windows-based applications that require file storage to AWS.
FSx
How many routes can be established using the AWS Transit Gateway?
10,000
How many Subnets and NACLs can you create by default in one VPC?
200
What would be the result of the following commands:
revoke-security-group-ingress and revoke-security-group-egress
A rule(s) is deleted from a security group
Each network ACL includes a default rule whose rule value is " "
An Asterisk
In an S3 bucket You can also enforce write-once-read-many (WORM) policies with
S3 Object Lock
There are 2 ways where routes get propagated in the AWS Transit Gateway. What are they?
Routes to/from on-premises networks
Routes to/from Amazon VPCs
If a subnet doesn't have a route to the internet gateway, but has its traffic routed to a virtual private gateway for a Site-to-Site VPN connection, the subnet is known as a " "
VPN-only subnet
If you want to change the security group of an instance, what two states can the instance be in to accomplish this?
Running or Stopped
A network ACL contains a numbered list of rules that we evaluate in order, starting with the lowest numbered rule, to determine whether traffic is allowed in or out of any subnet associated with the network ACL. The highest number that you can use for a rule is " "
32766
What is the Bulk data retrieval time for objects stored in S3 Glacier?
Within 12 hours
How much does it cost to set up an Amazon Direct Connect?
Nothing