You have 3 VPCs A, B, and C. You want to establish a VPC Peering connection between all the 3 VPCs. What should you do?

Establish 3 VPC Peering connections (A-B, A-C, B-C)

VPC Peering supports Transitive Peering, so you need to establish 2 VPC Peering connections (A-B, B-C)

When you set up an AWS Site-to-Site VPN connection between your corporate on-premises datacenter and VPCs in AWS Cloud, what are the two major components you want to configure for this connection?

Virtual Private Gateway and Customer Gateway

Customer Gateway and NAT Gateway

Internet Gateway and Customer Gateway

Virtual Private Gateway and Internet Gateway

You have a VPC in your AWS account that runs in a dual-stack mode. You are continuously trying to launch an EC2 instance, but it fails. After further investigation, you have found that you are no longer have IPv4 addresses available. What should you do?

Add an additional IPv4 CIDR to your VPC

Modify your VPC to run in IPv6 mode only

Modify your VPC to run in IPv4 mode only

A web application backend is hosted on EC2 instances in private subnets fronted by an Application Load Balancer in public subnets. There is a requirement to give some of the developers access to the backend EC2 instances but without exposing the backend EC2 instances to the Internet. You have created a bastion host EC2 instance in the public subnet and configured the backend EC2 instances Security Group to allow traffic from the bastion host. Which of the following is the best configuration for bastion host Security Group to make it secure?

Allow traffic only on port 22 from the company's public CIDR

Allow traffic only on port 80 from the company's public CIDR

Allow traffic only on port 22 from the company's private CIDR

Allow traffic only on port 80 from the company's private CIDR

A company has set up a Direct Connect connection between their corporate data center to AWS. There is a requirement to prepare a cost-effective secure backup connection in case there are issues with this Direct Connect connection. What is the most cost effective and secure solution you recommend?

Setup a Site-to-Site VPN connection as a backup

Setup another Direct Connect connection to the same AWS region

Setup another Direct Connect connection to a different AWS region

A web application hosted on a fleet of EC2 instances managed by an Auto Scaling Group. You are exposing this application through an Application Load Balancer. Both the EC2 instances and the ALB are deployed on a VPC with the following CIDR 192.168.0.0/18. How do you configure the EC2 instances' security group to ensure only the ALB can access them on port 80?

Add an Inbound Rule with port 80 and the ALB's Security Group as the source

Add an Inbound Rule with port 80 and 0.0.0.0/0 as the source

Add an Inbound Rule with port 80 and 192.168.0.0/18 as the source

Load an SSL certificate on the ALB

AWS Solutions Architect Associate - Networking and VPC

Quiz

•

Information Technology (IT)

•

Professional Development

•

Practice Problem

•

Medium

Francis Borja

Used 3+ times

FREE Resource

23 questions

Show all answers

1.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What does the CIDR 10.0.4.0/28 correspond to?

10.0.4.0 to 10.0.4.15

10.0.4.0 to 10.0.32.0

10.0.4.0 to 10.0.4.28

10.0.0.0 to 10.0.16.0

Answer explanation

/28 means 16 IPs (=2^(32-28) = 2^4), means only the last digit can change.

2.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You have a corporate network of size 10.0.0.0/8 and a satellite office of size 192.168.0.0/16. Which CIDR is acceptable for your AWS VPC if you plan on connecting your networks later on?

172.16.0.0/12

172.16.0.0/16

10.0.16.0/16

192.168.4.0/18

Answer explanation

CIDR not should overlap, and the max CIDR size in AWS is /16.

3.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You plan on creating a subnet and want it to have at least capacity for 28 EC2 instances. What's the minimum size you need to have for your subnet?

/28

/27

/26

/25

Answer explanation

Perfect size, 64 IPs. Must include enough space for the 5 reserved IPs.

4.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Security Groups operate at the level while NACLs operate at the level.

EC2 instance, Subnet

Subnet, EC2 instance

5.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You have attached an Internet Gateway to your VPC, but your EC2 instances still don't have access to the Internet. What is NOT a possible issue?

Route Tables are missing entries

The EC2 instances don't have public IPs

The Security Group does not allow traffic in

The NACL does not allow traffic out

Answer explanation

Security groups are stateful and if traffic can go out, then it can go back in.

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You would like to provide Internet access to your EC2 instances in private subnets with IPv4 while making sure this solution requires the least amount of administration and scales seamlessly. What should you use?

NAT Instances with Source/Destination Check flag off

Egress Only Internet Gateway

NAT Gateway

7.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

VPC Peering has been enabled between VPC A and VPC B, and the route tables have been updated for VPC A. But, the EC2 instances cannot communicate. What is the likely issue?

Check the NACL

Check the Route Tables in VPC B

Check the EC2 instance attached Security Groups

Check if DNS Resolution is enabled

Answer explanation

Route tables must be updated in both VPCs that are peered.

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

0 questions

AWS Certified Solutions Architect Associate Exam Guide Quiz

Quiz

•

0 questions

Cloud Architecting - Week 5

Quiz

•

0 questions

AWS Quiz

Quiz

•

0 questions

AWS Architecture

Quiz

•

0 questions

AWS Module 3 Knowledge Check

Quiz

•

0 questions

AWS Services Quiz

Quiz

•

0 questions

AWS SAA - W5

Quiz

•

0 questions

Module 7

Quiz

•

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

11 questions

How well do you know your Christmas Characters?

Lesson

•

3rd Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

20 questions

How the Grinch Stole Christmas

Quiz

•

5th Grade

Discover more resources for Information Technology (IT)

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

25 questions

Christmas Movies

Quiz

•

Professional Development

20 questions

Christmas Trivia

Quiz

•

Professional Development

15 questions

Fun Holiday Trivia

Quiz

•

Professional Development

25 questions

Name That Tune - Christmas

Quiz

•

Professional Development

29 questions

Christmas Song Emoji Pictionary

Quiz

•

Professional Development

9 questions

Holiday Movie Trivia

Lesson

•

Professional Development

34 questions

Winter Trivia

Quiz

•

Professional Development

AWS Solutions Architect Associate - Networking and VPC

23 questions

What does the CIDR 10.0.4.0/28 correspond to?

/28 means 16 IPs (=2^(32-28) = 2^4), means only the last digit can change.

You have a corporate network of size 10.0.0.0/8 and a satellite office of size 192.168.0.0/16. Which CIDR is acceptable for your AWS VPC if you plan on connecting your networks later on?

CIDR not should overlap, and the max CIDR size in AWS is /16.

You plan on creating a subnet and want it to have at least capacity for 28 EC2 instances. What's the minimum size you need to have for your subnet?

Perfect size, 64 IPs. Must include enough space for the 5 reserved IPs.

Security Groups operate at the level while NACLs operate at the level.

You have attached an Internet Gateway to your VPC, but your EC2 instances still don't have access to the Internet. What is NOT a possible issue?

Security groups are stateful and if traffic can go out, then it can go back in.

You would like to provide Internet access to your EC2 instances in private subnets with IPv4 while making sure this solution requires the least amount of administration and scales seamlessly. What should you use?

VPC Peering has been enabled between VPC A and VPC B, and the route tables have been updated for VPC A. But, the EC2 instances cannot communicate. What is the likely issue?

Route tables must be updated in both VPCs that are peered.

You have set up a Direct Connect connection between your corporate data center and your VPC A in your AWS account. You also need to access VPC B in another AWS region from your corporate datacenter. What should you do?

This is the main use case of Direct Connect Gateways.

When using VPC Endpoints, what are the only two AWS services that have a Gateway Endpoint available?

These two services have a VPC Gateway Endpoint (remember it), all the other ones have an Interface endpoint (powered by Private Link - means a private IP).

AWS reserves 5 IP addresses each time you create a new subnet in a VPC. When you create a subnet with CIDR 10.0.0.0/24, the following IP addresses are reserved, EXCEPT:

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)

AWS Solutions Architect Associate - Networking and VPC

23 questions

What does the CIDR 10.0.4.0/28 correspond to?

/28 means 16 IPs (=2^(32-28) = 2^4), means only the last digit can change.

You have a corporate network of size 10.0.0.0/8 and a satellite office of size 192.168.0.0/16. Which CIDR is acceptable for your AWS VPC if you plan on connecting your networks later on?

CIDR not should overlap, and the max CIDR size in AWS is /16.

You plan on creating a subnet and want it to have at least capacity for 28 EC2 instances. What's the minimum size you need to have for your subnet?

Perfect size, 64 IPs. Must include enough space for the 5 reserved IPs.

Security Groups operate at the ________ level while NACLs operate at the ________ level.

You have attached an Internet Gateway to your VPC, but your EC2 instances still don't have access to the Internet. What is NOT a possible issue?

Security groups are stateful and if traffic can go out, then it can go back in.

You would like to provide Internet access to your EC2 instances in private subnets with IPv4 while making sure this solution requires the least amount of administration and scales seamlessly. What should you use?

VPC Peering has been enabled between VPC A and VPC B, and the route tables have been updated for VPC A. But, the EC2 instances cannot communicate. What is the likely issue?

Route tables must be updated in both VPCs that are peered.

You have set up a Direct Connect connection between your corporate data center and your VPC A in your AWS account. You also need to access VPC B in another AWS region from your corporate datacenter. What should you do?

This is the main use case of Direct Connect Gateways.

When using VPC Endpoints, what are the only two AWS services that have a Gateway Endpoint available?

These two services have a VPC Gateway Endpoint (remember it), all the other ones have an Interface endpoint (powered by Private Link - means a private IP).

AWS reserves 5 IP addresses each time you create a new subnet in a VPC. When you create a subnet with CIDR 10.0.0.0/24, the following IP addresses are reserved, EXCEPT:

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)

Security Groups operate at the level while NACLs operate at the level.