^{(from linux academy - Operation Exellence Pillar)}

You business operates in a very secure sensitive industry. You are looking at how to secure a small VPC. Your environment consists of a single S3 bucket, and an EC2 instance running in a internet connected VPC. What is the best way to lock down the environment, allowing access to S3 but keeping the environment as secure as possible?

^{(from linux academy - Operation Exellence Pillar)}

Your existing custom NACL currently allows all Internet web traffic into the subnet. As part of a project implementation, you need to block IP traffic from a subnet to a specific internet IP address. How can this be accomplished?

^{(from linux academy - Operation Exellence Pillar)}

Which of the following events can be logged using CloudTrail. (Choose all that apply)

^{(from linux academy - Operation Exellence Pillar)}

You need to migrate a legacy application into AWS. It currently runs on a Linux operating system and has a requirement for iSCSI based block storage. Which AWS Service would you utilise to meet this requirement?

^{(from linux academy - Operation Exellence Pillar)}

Which of the following are AWS managed services that can allow host access to instances running on the respective services? (Choose all that apply)

^{(from linux academy - Operation Exellence Pillar)}

You are designing a VPC to host a small application. The VPC will be connected back to your on-premises network using a VPN. An EC2 instance runs the application, and will only need to connect to the internet for software updates. You have a list of the software update DNS names. How can you restrict this within the AWS VPC?

^{(from linux academy - Operation Exellence Pillar)}

You've been asked to host a docker container within your AWS environment. What is the most appropriate product to use for this task?