D325 ITEC 3602
Networks
Latest Final Assessment Review
(With Solutions)
2026
1
,Multiple Choice (15 Questions)
You have a multi-region application deployed in AWS with VPCs in us-
east-1 and eu-west-1. Which AWS service provides a scalable, highly
available inter-region network transit hub to connect these VPCs securely
with minimal configurations?
a) AWS Direct Connect
b) AWS Transit Gateway
c) AWS Global Accelerator
d) AWS VPN CloudHub
Answer: b) AWS Transit Gateway
Rationale: Transit Gateway enables the interconnection of multiple VPCs
across regions, acting as a hub for scalable networking and management
reducing complexity.
Which AWS networking service is optimized for low latency, private
connectivity to AWS and avoids traversing the public internet?
a) VPN Gateway
b) AWS Direct Connect
c) Elastic Load Balancer
d) Amazon Route 53
Answer: b) AWS Direct Connect
Rationale: Direct Connect provides dedicated physical connections for
private, consistent connectivity to AWS networks.
In an AWS VPC, which subnet type allows instances to communicate
directly with the internet without NAT?
a) Private subnet
b) Public subnet
c) Isolated subnet
d) VPN subnet
2
, Answer: b) Public subnet
Rationale: Public subnets have a route to the Internet Gateway, allowing
inbound/outbound internet access.
Which AWS service would you use to implement DNS with latency-based
routing policies?
a) Amazon ElastiCache
b) AWS WAF
c) Amazon Route 53
d) AWS CloudTrail
Answer: c) Amazon Route 53
Rationale: Route 53 supports latency-based routing, directing traffic to
the lowest latency endpoint.
When configuring an AWS VPN connection, what type of configuration is
necessary on the on-premises customer gateway device?
a) Assigning a public IP address
b) Setting up BGP peer with AWS
c) Configuring IPsec tunnels
d) All of the above
Answer: d) All of the above
Rationale: Customer gateway devices require a public IP address, IPsec
tunnel setup, and generally BGP configuration for route exchange.
Which AWS component is used to isolate network traffic between
different tiers of an application within the same VPC?
a) Security Groups
b) Network ACLs
c) Subnets
d) All of the above
Answer: d) All of the above
3
Networks
Latest Final Assessment Review
(With Solutions)
2026
1
,Multiple Choice (15 Questions)
You have a multi-region application deployed in AWS with VPCs in us-
east-1 and eu-west-1. Which AWS service provides a scalable, highly
available inter-region network transit hub to connect these VPCs securely
with minimal configurations?
a) AWS Direct Connect
b) AWS Transit Gateway
c) AWS Global Accelerator
d) AWS VPN CloudHub
Answer: b) AWS Transit Gateway
Rationale: Transit Gateway enables the interconnection of multiple VPCs
across regions, acting as a hub for scalable networking and management
reducing complexity.
Which AWS networking service is optimized for low latency, private
connectivity to AWS and avoids traversing the public internet?
a) VPN Gateway
b) AWS Direct Connect
c) Elastic Load Balancer
d) Amazon Route 53
Answer: b) AWS Direct Connect
Rationale: Direct Connect provides dedicated physical connections for
private, consistent connectivity to AWS networks.
In an AWS VPC, which subnet type allows instances to communicate
directly with the internet without NAT?
a) Private subnet
b) Public subnet
c) Isolated subnet
d) VPN subnet
2
, Answer: b) Public subnet
Rationale: Public subnets have a route to the Internet Gateway, allowing
inbound/outbound internet access.
Which AWS service would you use to implement DNS with latency-based
routing policies?
a) Amazon ElastiCache
b) AWS WAF
c) Amazon Route 53
d) AWS CloudTrail
Answer: c) Amazon Route 53
Rationale: Route 53 supports latency-based routing, directing traffic to
the lowest latency endpoint.
When configuring an AWS VPN connection, what type of configuration is
necessary on the on-premises customer gateway device?
a) Assigning a public IP address
b) Setting up BGP peer with AWS
c) Configuring IPsec tunnels
d) All of the above
Answer: d) All of the above
Rationale: Customer gateway devices require a public IP address, IPsec
tunnel setup, and generally BGP configuration for route exchange.
Which AWS component is used to isolate network traffic between
different tiers of an application within the same VPC?
a) Security Groups
b) Network ACLs
c) Subnets
d) All of the above
Answer: d) All of the above
3
