1. Your on-premise network has an IP address range of 152.55.0.0/16. You have been allocated an address range of 152.55.253.0/24 for the AWS(Amazon Web Service) Cloud. You need to design the VPC and ensure communication between the VPC and your on-premise network. How would you accomplish this. Choose 2 answers from the options given below

A) Establish a VPN connection using your customer gateway. Ensure a route is present in your on-premise router to route traffic via the customer gateway.
B) Setup a VPC with an address range of 152.55.0.0/16
C) Setup a VPC with an address range of 152.55.253.0/24
D) Establish a VPN connection using your virtual private gateway, Ensure a route Is present in your on. router to route traffic via the virtual private gateway.



2. You?re trying to do some housekeeping and delete some unwanted interface. You try to delete an interface manually that has the following information ?Vpc Id: vpc-1 a2b3c4d?, ?Private Ip Addresses? ?Private DNS Name?: ?ip-20-O-2-227.ec2.internal?, ?Primary: true, Private Ip Address?: ?2O.O.2227? ?Requester Managed?: true, But you are not able to delete the interface. What Is the reason as to why you cannot delete the interface?

A) Its because it has a private DNS name attached
B) It?s because it is a requester managed interface
C) It?s because its attached to a VPC
D) Its because it has a private IP address attached



3. Which of the following is a key pre-requisite for creating a AWS(Amazon Web Service) Managed Microsoft AD directory? Choose 2 answers from the options given below(Select 2answers)

A) AVPCwith2subnets
B) Opening of several ports Including port 53
C) A NAT gateway in the public subnet
D) Usage of a NAT Instance in the VPC



4. Your company currently has a VPC and an AWS(Amazon Web Service) Direct connect connection to AWS. They need to move data between the on-premise location and the VPC In the most secure manner possible. You need to ensure confidentiality and integrity of the data in transit to your VPC. Which 3 steps would you take to accomplish this?

A) Setup a private VIP using the AWS(Amazon Web Service) Direct Connect connection
B) Attach a virtual private gateway to the VPC
C) Setup a public VIF using the AWS(Amazon Web Service) Direct Connect connection
D) Create a IPSec tunnel between the customer gateway and the virtual private gateway



5. Your company currently has a set of EC2 Instances hosted in a VPC. The IT Security department is suspecting a possible DDOS attack on the instances, What can you do to zero in on the IP addresses which are receiving a flurry of requests.

A) Use AWS(Amazon Web Service) Cloud trail to get the PP addresses accessing the EC2 Instances
B) Use AWS(Amazon Web Service) Trusted Advisor to get the PP addresses accessing the EC2 Instances
C) Use VPC Flow logs to get the PP addresses accessing the EC2 Instances
D) Use AWS(Amazon Web Service) Config to get the PP addresses accessing the EC2 Instances