Category 1
The network access control list (network ACL) adds an optional layer of security at the ___ level?
Subnet
A Security Group acts as a ______for your instance, controlling inbound and outbound traffic
Virtual Firewall
What level does the network ACL work at?
Subnet level
A network address translation (NAT) gateway enables instances in a _______ to connect to the ________ or other AWS services, but prevent the internet from ______ a ________ with those instances
Private Subnet, Internet, Initiating, Connection
What protocols does the seventh layer of the OSI model use? Name two.
HTTP(S), FTP, DHCP, LDAP
Security groups have rules to manage ____ traffic
Instance
Unlike security groups, this subnet level firewall looks at rules in numerical order and also requires you to explicitly allow return traffic.
Network ACL
Amazon CloudFront is a a fast CDN service that securely delivers data, videos, applications, and APIs (application programming interfaces) to customers globally with __________________
low latency and high transfer speeds
This service lets instances in a private subnet access the internet without allowing inbound connections.
NAT Gateway
In establishing a AWS site-to-site VPN connection, what step should come after this: define configuration of VPN device or customer gateway (not a device but an AWS resource)?
create a custom route table
Hubs and switches work at _____, while routers work at _____.
layer 2 (data link layer), layer 3 (network layer)
When using a NAT gateway, what type of IP address must it be associated with to allow outbound internet access?
Elastic IP address
In what layer of the OSI model do NetBIOS and RPC operate?
Session
What is the primary difference between hub and switch in how they handle network traffic?
Hub broadcasts data to all devices while switch forwards data only to intended destination using mac address
This Route 53 routing policy is used when you want to send traffic to multiple resources at a set frequency that you define.
Weighted round robin routing