Module 2: Compute & Networking

Looking for ‘AWS Cloud Technical Essentials module 2 answers’?

In this post, I provide complete, accurate, and detailed explanations for the answers to Module 2: Compute & Networking of Course 2: AWS Cloud Technical Essentials

Whether you’re preparing for quizzes or brushing up on your knowledge, these insights will help you master the concepts effectively. Let’s dive into the correct answers and detailed explanations for each question!

Week 2 Quiz

Graded Assignment

1. Which information is needed to create a virtual private cloud (VPC)?

  • The Availability Zone that the VPC will reside in.
  • The subnet that the VPC will reside in.
  • The AWS Region that the VPC will reside in. ✅
  • The group of subnets that the VPC will reside in.

Explanation:
When creating a VPC, you must select the AWS Region, as the VPC and its resources are scoped to a specific region. Availability Zones and subnets are configured after the VPC is created.

2. Which of the following can a route table be attached to?

  • AWS Accounts
  • Availability Zone
  • Subnets ✅
  • Regions

Explanation:
In AWS, route tables are associated with subnets, determining how traffic is directed within your VPC or to external networks.

3. A company wants to allow resources in a public subnet to communicate with the internet. Which of the following must the company do to meet this requirement?

  • Create a route to a private subnet
  • Attach an internet gateway to their VPC
  • Create a route in a route table to the internet gateway
  • A and B
  • B and C ✅

Explanation:
To allow communication with the internet:

  • B: Attach an Internet Gateway to the VPC
  • C: Add a route in the subnet’s route table pointing to the internet gateway

4. What is the compute as a service (CaaS) model?

  • The CaaS model requires that users purchase virtual machines and manually provision servers to run a workload.
  • The CaaS model offers computing resources (such as virtual machines that run on servers in data centers) on demand, by using virtual services. ✅
  • The CaaS model offers large discounts for computing resources. However, users must run the workload from the server that is stored on-premises.
  • The CaaS model delivers cloud-based applications to users across the globe, over the internet.

Explanation:
CaaS provides scalable, virtualized compute resources (like EC2 instances or containers) on demand, removing the need for physical hardware setup.

5. Which statement about the default settings of a security group is TRUE?

  • Allows all inbound traffic and blocks all outbound traffic by default.
  • Blocks all inbound traffic and allows all outbound traffic by default. ✅
  • Allows all inbound and outbound traffic by default.
  • Blocks all inbound and outbound traffic by default.

Explanation:
AWS security groups are stateful. By default, they block all inbound traffic but allow all outbound traffic unless otherwise configured.

6. What does an Amazon Elastic Compute Cloud (Amazon EC2) instance type indicate?

  • Instance family and instance size ✅
  • Instance placement and instance size
  • Instance tenancy and instance billing
  • Instance Amazon Machine Image (AMI) and networking speed

Explanation:
An EC2 instance type defines:

  • Family (e.g., t2, c5, m6g) – purpose/usage pattern
  • Size (e.g., large, xlarge) – resource allocation like CPU/RAM

7. What is the difference between using AWS Fargate or Amazon Elastic Compute Cloud (Amazon EC2) as the compute platform for Amazon Elastic Container Service (Amazon ECS)?

  • With AWS Fargate, AWS manages and provisions the underlying infrastructure for hosting containers. ✅
  • With Amazon ECS on Amazon EC2, AWS manages and provisions the underlying EC2 instance for containers.
  • With AWS Fargate, users need to manage cluster capacity and scaling.
  • With Amazon ECS on Amazon EC2, users need to upload only the source code. Amazon ECS takes care of the rest.

Explanation:
Fargate is a serverless container engine — no need to manage EC2 instances. With EC2, users manage the underlying server infrastructure.

8. Which statement about serverless is TRUE?

  • Users must provision and manage servers.
  • Users must manually scale serverless resources.
  • Users do not pay for idle resources. ✅
  • Users must manage availability and fault tolerance.

Explanation:
Serverless services like AWS Lambda only incur charges when functions run, not while they are idle.

9. True or False: AWS Lambda is always the best solution when running applications on AWS.

  • True
  • False ✅

Explanation:
Lambda is great for short-lived, event-driven functions, but not suitable for all workloads like long-running or resource-heavy tasks.

10. Which compute service does Amazon Elastic Compute Cloud (Amazon EC2) provide?

  • Container services
  • Serverless
  • Virtual machines (VMs) ✅
  • Analytics

Explanation:
Amazon EC2 provides virtual servers in the cloud, also known as virtual machines, for running applications.

11. Which stage of the instance lifecycle is an instance in when the account starts to accumulate charges?

  • When an instance is in a pending stage
  • When an instance is in a running stage ✅
  • When an instance is stopped
  • When an instance is terminated

Explanation:
Billing starts as soon as an instance enters the running state and stops when it’s stopped or terminated.

12. Which component of the c5.4xlarge instance determines the instance family and generation number?

  • 4x
  • Large
  • 4xlarge
  • c5 ✅

Explanation:
The prefix (like c5) indicates the instance family (compute-optimized) and generation (5th).

13. Which container runtime can be used to host a container on an Amazon Elastic Compute Cloud (Amazon EC2) instance?

  • Docker ✅
  • Container
  • Amazon Simple Storage Service (Amazon S3)
  • Amazon EC2

Explanation:
EC2 instances can use Docker to run containers. Docker is the most common container runtime on AWS.

14. What is an example of an event that invokes an AWS Lambda function?

  • An AWS API call that is made by an AWS Identity and Access Management (IAM) role
  • An upload of a file to the Amazon Simple Storage Service (Amazon S3) source bucket ✅
  • An incoming HTTP request to a website that is hosted on Amazon Elastic Compute Cloud (Amazon EC2)
  • A simple WordPress website that has no API integration

Explanation:
Lambda functions can be triggered by events like S3 file uploads, API Gateway calls, or DynamoDB updates.

15. True or False: With serverless, users do not need to provision and manage servers.

  • True ✅
  • False

Explanation:
True – With serverless (e.g., AWS Lambda), there is no server management for the user. AWS handles provisioning, scaling, and availability.

16. True or False: All AWS services require users to configure a virtual private cloud (VPC).

  • True
  • False ✅

Explanation:
Some services like Amazon S3, AWS Lambda, and DynamoDB can operate outside a VPC, although integration is possible.

17. An engineer is working with networks in the AWS Cloud. What should the engineer use to configure the size of their network?

  • Classless Inter-Domain Routing (CIDR) notation ✅
  • IPv6 notation
  • IPv4 notation
  • IP addresses

Explanation:
CIDR notation (e.g., 10.0.0.0/16) defines the IP range and size of your network or subnet.

18. What is the difference between network access control lists (ACLs) and security groups?

  • By default, network ACLs allow incoming traffic and block outgoing traffic from a subnet. Users can change these settings to provide an additional layer of security. However, the default configurations of security groups block all traffic.
  • By default, network ACLs block all traffic from a subnet. However, the default configurations of security groups allow all inbound and outbound traffic. Users can change these settings to provide an additional layer of security.
  • By default, network ACLs block incoming traffic and allow outgoing traffic. The default configurations of security groups block all traffic. Users can change these settings when they configure networking for their instance.
  • By default, network ACLs allow incoming and outgoing traffic from a subnet. Users can change these settings to provide an additional layer of security. However, the default configurations of security groups block all inbound traffic and allow all outbound traffic. ✅

Explanation:

  • NACLs (stateless): Default allows all traffic but can be customized
  • Security Groups (stateful): Block all inbound by default, allow outbound

Related contents:

Module 1: AWS Overview and Security
Module 3: Storage & Databases on AWS
Modul 4: Monitoring & Optimization

You might also like:

Course 1: Introduction to Information Technology and AWS Cloud
Course 3: Providing Technical Support for AWS Workloads
Course 4: Developing Applications in Python on AWS
Course 5: Skills for Working as an AWS Cloud Consultant
Course 6: DevOps on AWS and Project Management
Course 7: Automation in the AWS Cloud
Course 8: Data Analytics and Databases on AWS
Course 9: Capstone: Following the AWS Well Architected Framework

Leave a Reply