Module 5 Knowledge Check
Which of the following is an optional security control that can be applied at the subnet layer of a VPC? (Select the best answer.)
A network ACL is an optional security control that can be applied at the subnet layer of a VPC.
Which of thee following can be used to protect Amazon Elastic Compute Cloud (Amazon EC2) instances hosted in AWS? (Select the best answer.)
A security group acts as a virtual firewall for your instance to control inbound and outbound traffic.
Which AWS networking service enables a company to create a virtual network within AWS? (Select the best answer.)
Amazon Virtual Private Cloud enables a company to create a virtual network within AWS.
You need to allow resources in a private subnet to access the internet. Which of the following must be present to enable this access? (Select the best answer.)
If you need to allow resources in a private subnet to access the internet, a NAT gateway must be present to enable this access.
True or False? Private subnets have direct access to the internet.
Private subnets do not have direct access to the internet.
With Amazon Virtual Private Cloud (Amazon VPC), what is the maximum size IP address range you can have in a VPC? (Select the best answer.)
The maximum size IP address range you can have in a VPC is /16.
With Amazon Virtual Private Cloud (Amazon VPC), what is the smallest size subnet you can have in a VPC? (Select the best answer.)
The smallest size you can have in a VPC is /28
Which component of AWS Global Infrastructure does Amazon CloudFront use to ensure low-latency delivery? (Select the best answer.)
To ensure low-latency delivery, Amazon CloudFront uses AWS edge locations.
You are a solutions architect who works at a large retail company that is migrating it's existing infrastructure to AWS. You recommend that they use a custom VPC. When you create a VPC, you assign it to an IPv4 Classless Inter-Domain Routing (CIDR) block of 10.0.1.0/24 which has 256 total IP addresses. How many IP addresses are available? (Select the best answer.)
The subnet has 256 IP addresses but 5 are reserved.
What happens when you use Amazon Virtual Private Cloud (Amazon VPC) to create a new VPC? (Select the best answer.)
When you create a VPC, a route table is created by default. You must manually create subnets and an internet gateway.