AWS Cloud Practitioner Module 4 - Networking
Security Group
virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance
Which component can be used to establish a private dedicated connection between your company's data center and AWS?
AWS Direct Connect
Virtual private gateway
Create a VPN connection between the VPC and the internal corporate network
Amazon Route 53
DNS web service that gives developers and businesses a reliable way to route end users to internet applications hosted in AWS -connects user requests to infrastructure inside and outside of AWS -manages the DNS records for domain names
Public subnet
Support the customer-facing website
Which statement best describes security groups?
They are stateful and deny all inbound traffic by default.
Internet gateway
connection between VPC and the internet
ACL
(Network Access Control List) virtual firewall that controls inbound and outbound traffic at the subnet level
Which service is used to manage the DNS records for domain names?
Amazon Route 53
Amazon VPC
Amazon Virtual Private Cloud -networking service used to establish boundaries around AWS resources -allows you to organize resources into subnets
DNS
Domain Name System -DNS resolution involves a DNS server communicating with a web server
AWS Direct Connect
Establish a dedicated connection between the on-premises data center and the VPC.
Which component is used to connect a VPC to the internet?
Internet gateway
Private Subnet
Isolate databases containing customers' personal information
Which statement best describes an AWS account's default network access control list?
It is stateless and allows all inbound and outbound traffic.
Your company has an application that uses Amazon EC2 instances to run the customer-facing website and Amazon RDS database instances to store customers' personal information. How should the developer configure the VPC according to best practices?
Place the Amazon EC2 instances in a public subnet and the Amazon RDS database instances in a private subnet.
Which statement best describes DNS resolution?
Translating a domain name to an IP address
VPC
Virtual Private Gateway -used to access private resources in a VPC -allows you to establish a VPN connection between your VPC and a private network
VPN
Virtual Private Network -connection that encrypts your internet traffic from all the other requests around it
Public Subnet
contain resources that need to be accessible by the public
Private subnets
contain resources that should only be accessible through your private network, personal databases for example
stateless packet filtering
remembers nothing and checks packets that cross the subnet border, inbound and outbound
stateful packet filtering
remembers previous decisions made for incoming packets
Subnet
section of a VPC in which you can group resources based on security or operational needs
AWS Direct Connect
service that enables you to establish a dedicated private connection between your data center and a VPC
packet
unit of data sent over the internet or a network -enters through an internet gateway