Sunday, June 7, 2020

AWS VPC



1. Which of the following is used to allow communication to go out from the VPC to the Internet?
Internet Gateway

2. What mechanism is used to ensure that Port 80 traffic is allowed into a subnet?
Network Access Control Lists (NACLs) can be used to allow and deny communication via a specific port into the subnet.
Incorrect. The Internet Gateway provides connectivity to the internet, but does not manage ports.


3. Which of the following is a valid route (IP CIDR Block) for connecting an EC2 hosted website instance to the internet?
0.0.0.0/0
This is a valid route for connecting an EC2 instance to the internet. 0.0.0.0/0 is the IP CIDR Block value that represents the internet as a whole.

Not Correct
----------
A route is not required to connect.
0.0.0.0/24
10.0.0.0/24

4. Which of the following are true about Network Access Control Lists (NACLs)?
Network ACLs are a numbered list of rules, evaluated in order, used to determine if traffic should be allowed in or out of a subnet.
Network ACLs are stateless.
All inbound and outbound traffic is automatically blocked except on the default NACL. The default NACL (pre-created by AWS for the default VPC) allows all traffic by default.

Incorrect
---------
Network ACLs are stateful.
Network ACLs are attached to the VPC to control all traffic in and out of a VPC.

Useful
-------
Network ACLs are stateless. This means that we must explicitly allow traffic inbound and outbound.
Network ACLs are attached to subnets, not to a VPC.

5. How many Availability Zones can one subnet utilize?
One
A subnet can only use one Availability Zone.

6. What is a VPC?
VPC stands for virtual private cloud. A VPC is a virtual network that is logically isolated from other VPCs in the AWS cloud.

7. Which of the following are true about a VPC? (Choose all that apply)
A route entry is automatically added to the route table, to allow communication with the Internet in the Default VPC.
An Internet Gateway is created automatically for the Default VPC.
All communication is allowed, by default, between all subnets created in the Default VPC.
A VPC is automatically created by default on AWS accounts.

https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html
have a default VPC in each AWS Region.
default VPC is ready for you to use so that you don't have to create and configure your own VPC.


8. What is a subnet?
A subnet is a subdivision of an IP network.

A subnet is a subdivision of an IP network. An IP network is defined by an IP address and a subnet mask. Combined with a binary AND operation, they define the number of networks and hosts available on an IP network. Those networks are subnets for that particular network.

