Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours on Instagram and YouTube and waste money on coffee and fast food, but won’t spend 30 minutes a day learning skills to boost our careers.
Master in DevOps, SRE, DevSecOps & MLOps!

Learn from Guru Rajesh Kumar and double your salary in just one year.


Get Started Now!

AWS

AWS Interview Questions and Answer Part – 11

January 11, 2020 comments off

What kind of rules do Network Access Control Lists (NACLs) provide?

  • Outbound allow and deny rules
  • Inbound allow and deny rules
  • Inbound and outbound allow rules
  • Inbound and outbound allow and deny rules (Ans)

How can you make a VPC Peering connection highly available (HA)?

  • You can pay more to purchase a highly available version of a VPC Peering connection
  • You can configure multiple VPC Peering connections between two VPCs for HA
  • They are automatically highly available (Ans)

Which are the most isolated – Regions or Availability Zones (AZ)?

  • Regions (Ans)
  • Availability Zones

Which of the following is true of Direct Connect?

A – It allows access to VPC resources using private IP addresses via a secure tunnel over the Internet
B – It allows access to VPC resources using private IP addresses but is not preferred over VPN tunnels
C – It allows access to VPC resources using private IP addresses and is preferred over VPN tunnels (Ans)

What was a major factor in the inception of Amazon Web Services?

  • The ability to leverage Amazon’s existing web-scale infrastructure (Ans)
  • The rise to popularity of the Docker container engine
  • A response to Microsoft Azure

True or false, an ELB can be configured to accept incoming HTTPS connections and forward them internally as normal HTTP?

  • True (Ans)
  • False

Which of the following is a valid subnet in a VPC with the following CIDR block – 192.168.0.0/16?

  • 192.0.1.0/24
  • 10.0.0.0/16
  • – 192.168.1.0/24 (Ans)
  • 10.0.0.0/2

How do you create a Router in your VPC?

  • Using the AWS CLI tools
  • A router is automatically created for your VPC (Ans)
  • From the Router-Config page in the VPC console

What AWS component is an Internet Gateway associated with?

  • Availability Zone
  • Subnet
  • Region
  • VPC (Ans)

At what level are Network ACLs applied?

  • EC2 Instances
  • VPCs
  • Availability Zones
  • Subnets (Ans)

Which AWS resource is a VPC bound by?

  • A single Region (Ans)
  • A VPC can span all AWS resources
  • A single Availability Zone
  • A single Subnet

How long does a VPC Peering request remain active?

  • 28 days
  • 7 days (Ans)
  • 1 hour
  • 1 day

Which protocol suite is used to encrypt most VPN tunnels?

  • Secure DNS
  • IPX/SPX
  • IPsec (Ans)
  • NetBIOS

What is the network portion of the following CIDR block – 10.0.0.0/24?

  • 10.0
  • 10
  • 10.0.0.0
  • 10.0.0 (Ans)

What form of address translation does the Amazon NAT AMI perform?

  • Port Address Translation (PAT) (Ans)
  • Route Address Translation (RAT)
  • CIDR Address Translation (CAT)
  • Network Address Translation (NAT)

Which of the following best describes an AWS Elastic Load Balancer?

  • A service that balances incoming traffic across multiple instances and Regions
  • A service that balances incoming traffic across multiple instances in a single Availability Zone
  • A service that balances incoming traffic across multiple instances and Availability Zones (Ans)
  • A service that balances incoming traffic across multiple instances and VPCs

What kind of Elastic Load Balancers can be created?

  • Only internal
  • Internet facing and internal (Ans)
  • Only Internet facing

Which AWS VPC component is required to allow instances in a private subnet to communicate with the Internet?

  • An Internet gateway in the private subnet
  • A NAT instance in the private subnet
  • An Internet gateway in the public subnet
  • A NAT instance in the public subnet (Ans)

Which of the following is true of the behavior of Security Groups?

  • Explicit deny rules are required to deny traffic
  • All traffic not explicitly denied is implicitly allowed
  • Any traffic not explicitly allowed is implicitly denied (Ans)

What is the major advantage of Elastic IPs over Public IPs?

  • Elastic IPs are publicly routable, Public IPs are not
  • Elastic IPs belong to you and do not change when an instance reboots (Ans)
  • Elastic IPs allow you to manually choose a particular address from the pool of Amazon addresses

What is the acronym used in the AWS GUI to represent VPC Peering connection objects?

  • PCX (Ans)
  • VGW
  • PGW
  • IGW

Which AWS technology is used to connect multiple VPCs so they can communicate using private IPs?

  • VPC Peering (Ans)
  • Direct Connect
  • Virtual Private Networks
  • Elastic Load Balancing
DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.