D325 ITEC 3602 Networks
Final Assessment Review (Qns & Ans)
2025
1. Scenario – Interconnecting Isolated Virtual Networks
A company operates several Virtual Private Clouds (VPCs) in
different AWS accounts within the same region. To share data
securely between these VPCs without routing traffic over the
public Internet, which option should the network architect
deploy?
- A. AWS Direct Connect
- B. VPC Peering
- C. VPN Gateway
- D. AWS Transit Gateway
©2025
, Correct ANS: B. VPC Peering
Rationale: VPC Peering creates a private networking
connection between two VPCs, enabling secure communication
without traffic ever traversing the public Internet. It is ideally
suited for connecting a small number of VPCs directly.
2. Scenario – Load Balancing for High-Performance
Applications
An online trading platform requires extremely low latency and
the ability to handle millions of requests per second, including
TLS termination. Which load balancer type is most appropriate?
- A. Application Load Balancer
- B. Network Load Balancer
- C. Classic Load Balancer
- D. AWS Global Accelerator
Correct ANS: B. Network Load Balancer
Rationale: Network Load Balancers are optimized for
extreme performance and ultra-low latency. They support TLS
termination and are ideal for high-throughput scenarios where
millions of requests must be handled with minimal delay.
3. Scenario – Scalable Multi-VPC Connectivity
©2025
, An enterprise has over a dozen VPCs that require
intercommunication. Managing individual VPC peering
connections is becoming complex. Which AWS networking
service simplifies hub-and-spoke connectivity among these
VPCs?
- A. VPC Peering
- B. VPN Gateway
- C. AWS Transit Gateway
- D. VPC Endpoint
Correct ANS: C. AWS Transit Gateway
Rationale: AWS Transit Gateway acts as a hub to
interconnect multiple VPCs and on-premises networks,
significantly simplifying management and scaling over numerous
direct VPC peering relationships.
4. Scenario – Latency-Based DNS Routing
A global e-commerce website wants to minimize latency by
routing user requests to the AWS region that offers the lowest
response time. Which Route 53 routing policy is best suited for
this use case?
- A. Simple Routing Policy
- B. Weighted Routing Policy
- C. Latency Routing Policy
©2025
, - D. Failover Routing Policy
Correct ANS: C. Latency Routing Policy
Rationale: Latency Routing Policy directs client requests to
the region that provides the lowest latency, ensuring a better user
experience in a global network environment.
5. Scenario – Securing Intra-VPC Communications
A company requires all communication between its EC2
instances in private subnets to be encrypted. Which technique
should be implemented to secure data in transit across the
network?
- A. Relying on security groups alone
- B. Implementing TLS/SSL encryption
- C. Using HTTP without encryption
- D. Disabling cross-subnet communication
Correct ANS: B. Implementing TLS/SSL encryption
Rationale: TLS/SSL protocols encrypt data in transit. By
enforcing TLS/SSL between instances—even within a private
network—the organization ensures that sensitive data remains
protected against eavesdropping.
©2025
Final Assessment Review (Qns & Ans)
2025
1. Scenario – Interconnecting Isolated Virtual Networks
A company operates several Virtual Private Clouds (VPCs) in
different AWS accounts within the same region. To share data
securely between these VPCs without routing traffic over the
public Internet, which option should the network architect
deploy?
- A. AWS Direct Connect
- B. VPC Peering
- C. VPN Gateway
- D. AWS Transit Gateway
©2025
, Correct ANS: B. VPC Peering
Rationale: VPC Peering creates a private networking
connection between two VPCs, enabling secure communication
without traffic ever traversing the public Internet. It is ideally
suited for connecting a small number of VPCs directly.
2. Scenario – Load Balancing for High-Performance
Applications
An online trading platform requires extremely low latency and
the ability to handle millions of requests per second, including
TLS termination. Which load balancer type is most appropriate?
- A. Application Load Balancer
- B. Network Load Balancer
- C. Classic Load Balancer
- D. AWS Global Accelerator
Correct ANS: B. Network Load Balancer
Rationale: Network Load Balancers are optimized for
extreme performance and ultra-low latency. They support TLS
termination and are ideal for high-throughput scenarios where
millions of requests must be handled with minimal delay.
3. Scenario – Scalable Multi-VPC Connectivity
©2025
, An enterprise has over a dozen VPCs that require
intercommunication. Managing individual VPC peering
connections is becoming complex. Which AWS networking
service simplifies hub-and-spoke connectivity among these
VPCs?
- A. VPC Peering
- B. VPN Gateway
- C. AWS Transit Gateway
- D. VPC Endpoint
Correct ANS: C. AWS Transit Gateway
Rationale: AWS Transit Gateway acts as a hub to
interconnect multiple VPCs and on-premises networks,
significantly simplifying management and scaling over numerous
direct VPC peering relationships.
4. Scenario – Latency-Based DNS Routing
A global e-commerce website wants to minimize latency by
routing user requests to the AWS region that offers the lowest
response time. Which Route 53 routing policy is best suited for
this use case?
- A. Simple Routing Policy
- B. Weighted Routing Policy
- C. Latency Routing Policy
©2025
, - D. Failover Routing Policy
Correct ANS: C. Latency Routing Policy
Rationale: Latency Routing Policy directs client requests to
the region that provides the lowest latency, ensuring a better user
experience in a global network environment.
5. Scenario – Securing Intra-VPC Communications
A company requires all communication between its EC2
instances in private subnets to be encrypted. Which technique
should be implemented to secure data in transit across the
network?
- A. Relying on security groups alone
- B. Implementing TLS/SSL encryption
- C. Using HTTP without encryption
- D. Disabling cross-subnet communication
Correct ANS: B. Implementing TLS/SSL encryption
Rationale: TLS/SSL protocols encrypt data in transit. By
enforcing TLS/SSL between instances—even within a private
network—the organization ensures that sensitive data remains
protected against eavesdropping.
©2025
