Advanced Networking in AWS for DevOps Engineers Flashcards
AWS DevOps Engineer Professional DOP-C02 Flashcards

| Front | Back |
| --- | --- |
| AWS Global Accelerator | A networking service that improves the availability and performance of applications with global users by utilizing static IP addresses and accelerating traffic via AWS edge locations |
| AWS Network Firewall | A managed service offering stateful and stateless inspection, intrusion prevention, and filtering for network traffic |
| AWS Private DNS | Enables private resolution of DNS names in resources within your VPC |
| AWS WAF (Web Application Firewall) | A managed service that protects web applications by controlling inbound and outbound traffic based on customizable security rules |
| Bastion Host in AWS Networking | A hardened remote access server within a public subnet designed to enable administrative access to instances within a private subnet |
| Classic Load Balancer vs Application Load Balancer | Classic Load Balancer operates at Layer 4 (TCP), while Application Load Balancer operates at Layer 7 (HTTP/HTTPS) |
| Cross-Region VPC Peering | Allows VPC peering connections between VPCs located in different AWS regions |
| Difference between VPC peering and Transit Gateway | VPC peering is direct one-to-one communication while Transit Gateway acts as a centralized hub for multiple VPCs and networks |
| Direct Connect Gateway | Facilitates communication between AWS Direct Connect connections and multiple VPCs spread across different regions |
| DNS failover with Route 53 | A mechanism in Route 53 to route traffic to a backup resource when the primary resource becomes unhealthy |
| Egress-only Internet Gateway | A horizontally scaled, redundant, and highly available VPC component that allows outbound internet access for IPv6 resources |
| Elastic IP | A static IPv4 address designed for dynamic cloud computing, allowing the reassociation of IPs between resources |
| Elastic Load Balancer (ELB) Cross-Zone Load Balancing | Distributes traffic evenly across all registered instances in multiple availability zones |
| Elastic Network Interface | A virtual network interface attached to an instance that enables network communication within a VPC |
| Gateway Load Balancer | A load balancer that helps deploy, scale, and manage third-party virtual appliances seamlessly in your VPC |
| Hybrid Connectivity Options in AWS | Includes VPN, AWS Direct Connect, and Transit Gateway for connecting on-premises environments to AWS |
| Network ACLs | Stateless network firewalls at the subnet level that provide an additional layer of security |
| Network Address Translation (NAT) | A method to map private IP addresses to public IP addresses for outbound internet access |
| Peering Connection Limits | AWS-imposed limits specifying the number of peering connections allowed per VPC |
| PrivateLink | A service for securely establishing a private connection between VPCs and AWS services without exposing them to the internet |
| Resource Access Manager (RAM) | A service enabling secure resource sharing across AWS accounts or within AWS Organizations |
| Route 53 | AWS's DNS service capable of domain registration, routing internet traffic, and health checks for resources |
| Route 53 health checks | A feature ensuring that Route 53 routes traffic to healthy endpoints by monitoring the health of resources |
| Security Groups | Virtual firewalls at the instance level that control inbound and outbound traffic based on rules |
| Service Control Policy in Networking | AWS Organizations' policy to restrict networking actions across accounts or resources |
| Split-Horizon DNS with Route 53 | A design using Route 53 to route traffic to different IP addresses based on the requester’s location |
| Static vs Dynamic Routing in AWS Networking | Static routing relies on manually defined routes whereas dynamic routing adapts based on network changes using routing protocols |
| Transit Gateway | A central hub that connects multiple VPCs, on-premises networks, and AWS services for simplified and scalable networking |
| Transit Gateway Multicast | Enables multicast traffic delivery across VPCs by leveraging the Transit Gateway for efficient group communication |
| Transit Gateway routing tables | Virtual tables used to define how Transit Gateway will route traffic between attached resources |
| Transit Gateway vs Direct Connect | Transit Gateway integrates multiple networks via AWS, while Direct Connect provides a dedicated physical connection between on-premises data centers and AWS |
| VPC Endpoints | Allows secure, scalable private connectivity to AWS services without requiring an internet gateway or NAT device |
| VPC Flow Logs | Logging feature tracking the IP traffic within VPCs for monitoring and network troubleshooting |
| VPC peering | A networking connection between two VPCs that allows traffic exchange privately without the need for a gateway or VPN connection |
| VPN Gateway | A virtual device enabling secure connection between an AWS environment and an on-premises network |
About the Flashcards
Flashcards for the AWS DevOps Engineer Professional exam give you a rapid way to review essential AWS networking services and design patterns. The deck explains how to link VPCs through peering, Transit Gateway, and PrivateLink, manage DNS with Route 53 health checks and failover, and analyze traffic using Flow Logs and elastic interfaces. It also highlights load-balancing strategies and cross-region architectures that appear on the test.
You'll reinforce layered security concepts (security groups, network ACLs, AWS Network Firewall, and WAF) while comparing hybrid connectivity options such as VPN, Direct Connect, and Transit Gateway attachments. By mastering these concise Q&As, you can quickly recall terminology, service limits, and architectural trade-offs likely to appear on exam day.
Topics covered in this flashcard deck:
- VPC peering & Transit Gateway
- Route 53 DNS & failover
- Security groups, ACLs, firewalls
- Load balancers & Global Accelerator
- Hybrid VPN & Direct Connect