AWS Certification » Chapter 1 » Level 1: Questions and Answers List
Question
Answer
is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC. You can configure your VPC; you can select its IP address range, create subnets, and configure route tables, network gateways, and security settings.
Virtual Private Cloud (VPC)
is a range of IP addresses in your VPC. You can launch AWS resources into a subnet that you select. Use a public subnet for resources that must be connected to the Internet, and a private subnet for resources that won't be connected to the Internet.
Subnet
specifies the allowed routes for outbound traffic leaving the subnet.
Route Table
is a networking connection between two VPCs that enables you to route traffic between them using private IP addresses. Instances in either VPC can communicate with each other as if they are within the same network. You can create a VPC peering connection between your own VPCs, or with a VPC in another AWS account within a single region.
VPC peering connection
Operates at the instance level (first layer of defense) and applies to network interfaces, not to IP addresses. Supports allow rules only. Is stateful: return traffic is automatically allowed, regardless of any rules. We evaluate all rules before deciding whether to allow traffic. Applies to an instance only if someone specifies the security group when launching the instance, or associates the security group with the instance later on.
Security Group
Operates at the subnet level (second layer of defense). Supports allow rules and deny rules. Is stateless: Return traffic must be explicitly allowed by rules. We process rules in number order when deciding whether to allow traffic. Automatically applies to all instances in the subnets it's associated with (backup layer of defense, so you don't have to rely on someone specifying the security group).
Network ACL
allows users to allocate a public IP address and assign it to an instance of their choice. Elastic IPs are dynamically remappable IP addresses that make it easier to manage servers in the cloud because each IP address can be reassigned to a different instance when needed.
Elastic IP (EIP)
automatically distributes incoming web traffic across multiple EC2 instances. You can add and remove EC2 instances as your needs change without disrupting the overall flow of information. If one EC2 instance fails, Elastic Load Balancing automatically reroutes the traffic to the remaining running EC2 instances. If the failed EC2 instance is restored, Elastic Load Balancing restores the traffic to that instance.
Elastic Load Balancing