AWS Academy Cloud Architecting [2606] - Module 7 Knowledge Check
A company is implementing a system to back up on-premises systems to AWS. Which network connectivity method will provide a solution with consistent performance? A. AWS Site-to-Site VPN B. AWS Direct Connect C. AWS peering D. AWS endpoints
B
A company has two VPCs. VPC A has a CIDR block on 10.1.0.6/16. VPC B has a CIDR block of 10.2.0.0/16. Both VPCs belong to the same AWS account. What is the simplest way to connect the two VPCs so that they can route all traffic between them? A. AWS Site-to-Site VPN B. AWS Direct Connect C. VPC peering D. VPC endpoints
C
A company uses a single AWS Direct Connect connection between their on-premises network and their VPC. They want to ensure that the network connectivity is highly available by adding a backup connection. Which network connectivity method provides most cost-effective solution for the backup connection? A. Another AWS Direct Connect connection through the same Direct Connect location B. Another AWS Direct Connect connection through a different Direct Connect location C. An on-demand AWS Client VPN connection across the internet D. AN on-demand AWS Site-to-Site VPN connection across the internet
D
Because of a natural disaster, a company moved a secondary data centre to a temporary facility with internet connectivity. It needs a secure connection to the company's VPC that must be operational as soon as possible. The data centre will move again in 2 weeks. Which option meets the requirements? A. AWS Site-to-Site VPN B. AWS Direct Connect C. VPC peering D. VPC endpoints
A
Systems in a secure subnet in a VPC must access a bucket in Amazon S3. Which solution stops traffic from crossing the internet? A. Create a VPC gateway endpoint for Amazon S3 B. Use a private IP address for the system C. Use the private IP address of Amazon S3 D. Create a VPC peering connection to Amazon S3
A
What does AWS Direct Connect provide? A. A dedicated network connection from an on-premises network to AWS that uses 802.1q B. A private telecommunications circuit from an on-premises network direct into AWS that uses Point-to-Point Protocol C. An encrypted tunnel that connects an on-premises network to AWS over the internet D. An extension of the AWS Cloud into customer data centres that uses AWS hardware installed on premises
A
A company's security administrator requires that EC2 instances in a specific subnet must connect to Amazon DynamoDB through a VPC endpoint. The company's network standards require that the infrastructure support high availability. Which action meets these architecture requirements without adding another subnet? A. Associate a single VPC endpoint with the subnet B. Associate two VPC endpoints with the subnet C. Associate two VPC endpoints with the subnet and use Elastic Load Balancing D. Associate VPC endpoints using an Auto Scaling group that is connected to Elastic Load Balancing
A or B
A company has three VPCs. VPC A, B and C have CIDR blocks that do not overlap. Both A and C have separate VPC peering connections with B. However, A cannot communicate with C. What is the simplest and most cost-effective way to enable full communication between A and C? A. Add routes to B to enable traffic between A and C through B. B. Add a peering connection between A and C, and route traffic between A and C through the peering connection. C. Link all three VPCs through a transit VPC, and route all traffic through the transit VPC. D. Create VPC endpoints in A and C for the individual hosts that need to communicate with each other.
B
What is a AWS Site-to-Site VPN? A. A service that provides SSL-encrypted links between websites in AWS B. A solution that provides encrypted sessions between AWS and on-premises systems by using TLS C. A service that provides the ability to access AWS and on-premises networks by using OpenVPN clients D. A solutions that provides a connection between a VPC and an on-premises network by using IPsec
D
What is the simplest way to connect 100 VPCs together? A. Create a hub-and-spoke network by using AWS VPN CloudHub B. Chain VPCs together by using VPC peering C. Connect each VPC to all the other VPCs by using VPC peering D. Connect the VPCs to AWS Transit Gateway
D
