AWS VPC MCQs (25)
1) VPC stands for?
A. Virtual Private Cloud
B. Virtual Public Cloud
C. Very Private Connection
D. Virtual Protocol Cloud
2) A VPC is a?
A. Private network in AWS
B. Storage service
C. Database service
D. CDN service
3) A VPC is created in?
A. One Region
B. All Regions
C. Multiple accounts automatically
D. Only on-prem
4) VPC CIDR block defines?
A. The IP address range for the VPC
B. The AWS account ID
C. The bucket name
D. The instance type
5) Subnets are created in?
A. One Availability Zone
B. Multiple Regions
C. CloudFront edge locations
D. IAM
6) A Public Subnet means?
A. Has a route to an Internet Gateway
B. Has no route table
C. Only used for databases
D. Must be encrypted
7) A Private Subnet usually?
A. Has a direct route to an Internet Gateway
B. Does not have a direct internet route
C. Must be public
D. Cannot host EC2
8) Internet Gateway (IGW) is used for?
A. Internet access for VPC resources
B. Encrypting traffic
C. DNS management
D. Storing objects
9) NAT Gateway is mainly used for?
A. Allow inbound internet traffic to private instances
B. Allow private instances to access the internet outbound
C. Replace route tables
D. Store logs
10) NAT Gateway should be placed in?
A. Private subnet
B. Public subnet
C. Any subnet without IGW
D. On-prem network
11) Route Table is used to?
A. Define traffic routing rules
B. Store passwords
C. Create users
D. Run code
12) Security Group works as?
A. Stateful firewall at instance/ENI level
B. Stateless firewall at subnet level
C. CDN cache
D. Storage encryption
13) Network ACL (NACL) is?
A. Stateful
B. Stateless
C. Used only for IAM
D. Used only for S3
14) NACL is applied at?
A. Subnet level
B. Instance level
C. Bucket level
D. Region level
15) Security Groups allow by default?
A. All inbound, no outbound
B. No inbound, all outbound
C. No inbound, no outbound
D. All inbound, all outbound
16) A VPC can span across?
A. Multiple Availability Zones
B. Multiple Regions
C. Multiple continents automatically
D. Only one subnet
17) VPC Peering is used to?
A. Connect two VPCs privately
B. Connect S3 to EC2
C. Connect CloudFront to Route 53
D. Connect IAM users
18) VPC Peering is?
A. Transitive by default
B. Not transitive (no routing through a peered VPC)
C. Only for same account
D. Only for same AZ
19) VPN connection in AWS is used to?
A. Connect on-prem to a VPC securely over the internet
B. Create CDN
C. Store files
D. Manage IAM users
20) Direct Connect is used for?
A. Private dedicated connection to AWS
B. Create NAT
C. Encrypt S3 automatically
D. Auto scale EC2
21) VPC Endpoint is used to?
A. Access AWS services privately without internet
B. Increase EC2 RAM
C. Host websites
D. Create buckets
22) Gateway Endpoint commonly supports which service?
A. S3
B. DynamoDB
C. Both S3 and DynamoDB
D. CloudFront
23) Interface Endpoint uses?
A. NAT Gateway
B. ENI (Elastic Network Interface)
C. Internet Gateway
D. Route 53 only
24) Which service provides DNS inside a VPC?
A. Route 53 Resolver (VPC DNS)
B. CloudFront
C. S3
D. EBS
25) Best practice for production VPC architecture is usually?
A. Only one subnet
B. Public + Private subnets across multiple AZs
C. No route tables
D. Put DB in public subnet
Answer Key
1) A
2) A
3) A
4) A
5) A
6) A
7) B
8) A
9) B
10) B
11) A
12) A
13) B
14) A
15) B
16) A
17) A
18) B
19) A
20) A
21) A
22) C
23) B
24) A
25) B