Subnets

5 minutes 5 Questions

Subnets are smaller, individual sections of a VPC IP address range partitioned into different availability zones for redundancy and fault tolerance. They segregate network traffic, allowing for better application performance and security. Subnets can be either private or public, depending on whethe…

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

Question 1

You are designing an AWS VPC for a client who requires to host services within four private subnets. However, the client wants to minimize the number of allocated IP addresses in each subnet. What is the smallest subnet size you can create?

/26 /24 /30 /28

Correct Answer: /28

A /28 CIDR block provides smallest subnet size among the options with 16 IP addresses, in which 14 of them are usable, meeting the client requirements.

Question 2

Your company requires that instances within a public subnet in a VPC must be reachable from the internet. The instances have public IPs, and the security groups and NACLs are configured to allow incoming and outgoing traffic. However, the instances are still not reachable. What is the most likely cause?

The subnet's route tables are missing a route to a NAT Gateway NACL configuration issue VPC Peering is not configured The subnet's route tables are missing a route to an Internet Gateway

Correct Answer: The subnet's route tables are missing a route to an Internet Gateway

The most likely cause is the subnet's route tables are missing a route to an Internet Gateway, which is required for instances in the public subnet to have internet access.

Question 3

You have deployed multiple applications in a shared VPC across several subnets, each belonging to a different department. The accounting department's application has compliance requirements which demand that their data must not traverse the public internet. How should you ensure that data in their subnet meets this requirement?

Use NAT Gateway Use Internet Gateway Implement VPC Endpoint to access required AWS services Configure Security Group and NACL rules to block all traffic

Correct Answer: Implement VPC Endpoint to access required AWS services

Implement a VPC Endpoint, which is a private connection between your VPC and supported AWS services, ensuring the data does not traverse the public internet.

🎓 Unlock Premium Access

AWS Certified Solutions Architect - Associate + ALL Certifications

Subnets

Guide: Answering Questions on Subnets in Amazon VPC for the AWS Solution Architect exam

AWS Certified Solutions Architect - Subnets Example Questions

Question 1

Question 2

Question 3

🎓 Unlock Premium Access