Knowledge Check
AWS Networking Knowledge Check
Section titled “AWS Networking Knowledge Check”Question 1
Section titled “Question 1”What is the simplest way to connect 100 virtual private clouds (VPCs) together?
- Chain VPCs together by using VPC peering.
- Connect each VPC to all the other VPCs by using VPC peering.
- Create a hub-and-spoke network by using AWS VPN CloudHub.
- Connect the VPCs to AWS Transit Gateway. ✓
Question 2
Section titled “Question 2”A company needs network traffic to flow between an AWS account in one Region to another account in a different Region. What should they set up between the transit gateways in each region?
- AWS PrivateLink
- Transit gateway peering attachment ✓
- AWS Site-to-Site VPN
- AWS Direct Connect
Question 3
Section titled “Question 3”A company has two virtual private clouds (VPCs). VPC A has a Classless Inter-Domain Routing (CIDR) block of 10.1.0.0/16. VPC B has CIDR block of 10.2.0.0/16. Both VPCs belong to the same AWS account. What is the simplest way to connect the two VPCs so that they can route all traffic between them?
- VPC endpoints
- AWS Site-to-Site VPN
- AWS Direct Connect
- VPC peering ✓
Question 4
Section titled “Question 4”Systems in a secure subnet in a virtual private cloud (VPC) must access a bucket in Amazon S3. Which solutions stop traffic from crossing the internet? (Select TWO.)
- Create a VPC gateway endpoint for Amazon S3. ✓
- Create a VPC peering connection to Amazon S3.
- Use a private IP address for the system.
- Use the private IP address of Amazon S3.
- Use VPC interface endpoints. ✓
Question 5
Section titled “Question 5”A company has three virtual private clouds (VPCs). VPCs A, B, and C have Classless Inter-Domain Routing (CIDR) blocks that do not overlap. Both A and C have separate VPC peering connections with B. However, A cannot communicate with C. What is the simplest and most cost-effective way to enable full communication between A and C?
- Link all three VPCs through a transit VPC, and route all traffic through the transit VPC.
- Add routes to B to enable traffic between A and C through B.
- Create VPC endpoints in A and C for the individual hosts that need to communicate with each other.
- Add a peering connection between A and C, and route traffic between A and C through the peering connection. ✓
Question 6
Section titled “Question 6”Because of a natural disaster, a company moved a secondary data center to a temporary facility with internet connectivity. It needs a secure connection to the company’s virtual private cloud (VPC) that must be operational as soon as possible. The data center will move again in 2 weeks. Which option meets the requirements?
- AWS Site-to-Site VPN ✓
- AWS Direct Connect
- VPC endpoints
- VPC peering
Question 7
Section titled “Question 7”A company is concerned about internet disruptions. It wants to efficiently route traffic from their on-premises network to an AWS edge location close to their customer gateway device. What should they use?
- AWS VPN CloudHub
- AWS Global Accelerator ✓
- AWS Transit Gateway
- AWS Direct Connect
Question 8
Section titled “Question 8”A company is implementing a system to back up on-premises systems to AWS. Which network connectivity method provides a solution with the most consistent performance?
- Virtual private cloud (VPC) endpoints
- Virtual private cloud (VPC) peering
- AWS Direct Connect ✓
- AWS Site-to-Site VPN
Question 9
Section titled “Question 9”A company uses a single AWS Direct Connect connection between their on-premises network and their virtual private cloud (VPC). They want to ensure that the network connectivity is highly available by adding a backup connection. Which network connectivity method provides the most cost-effective solution for the backup connection?
- Another AWS Direct Connect connection through the same Direct Connect location
- An on-demand AWS Site-to-Site VPN connection across the internet ✓
- An on-demand AWS Client VPN connection across the internet
- Another AWS Direct Connect connection through a different Direct Connect location
Question 10
Section titled “Question 10”A company is connecting a virtual private cloud (VPC) to multiple on-premises data centers using a virtual private network (VPN). Which implementation ensures resiliency and predictable bandwidth requirements?
- Implement AWS Transit Gateway to connect to each on-premises data center.
- Establish multiple Border Gateway Protocol (BGP) sessions for each VPC to create connectivity to multiple VPCs across multiple AWS Regions.
- Use a many-to-many mesh topology, such as Amazon VPC peering.
- Implement Direct Connect as the primary connection and use the VPN as a secondary failover connection from each data center. ✓