ACG/DCT Exam Review Flashcards
Route 53 Geolocation Routing Policy uses your geographic location to route you to the _____ region.
Route 53 Geolocation Routing Policy uses your geographic location to route you to the closest region.
To remove the Spot Instances, the appropriate steps are to _____ the Spot request and then to _______ the Spot Instances.
To remove the Spot Instances, the appropriate steps are to cancel the Spot request and then to terminate the Spot Instances.
A CNAME record can point to ___ DNS record hosted ________
A CNAME record can point to any DNS record hosted anywhere
AWS X-Ray lets you analyze and _____ serverless applications
AWS X-Ray lets you analyze and debug serverless applications
A Throughput Optimized HDD EBS volume is an HDD-backed storage device that is limited to ____ IOPS for each volume
A Throughput Optimized HDD EBS volume is an HDD-backed storage device that is limited to 500 IOPS for each volume
Tape Gateway emulates ________ tape libraries, removes the cost and complexity of managing physical ______________, and provides more ________ than physical tapes.
Tape Gateway emulates physical tape libraries, removes the cost and complexity of managing physical infrastructure, and provides more durability than physical tapes.
All EBS types and all instance families support _________, but there is no direct way to change the _________ state of a volume once it’s been launched.
All EBS types and all instance families support encryption, but there is no direct way to change the encryption state of a volume once its been launched.
POSIX permissions allows you to ______ access from hosts by _____ and _____.
POSIX permissions allows you to restrict access from hosts by user and group.
Amazon Neptune offers a fully-managed _____ database
Amazon Neptune offers a fully-managed Graph database
Amazon Kinesis Data Analytics is the easiest way to _______ streaming data in real-time with standard ___
Amazon Kinesis Data Analytics is the easiest way to process streaming data in real-time with standard SQL
The key difference between a pre-signed URL and a pre-signed Cookie is that pre-signed URLs are meant to share ___ file while pre-signed cookies grant access to ________ restricted files
The key difference between a pre-signed URL and a pre-signed Cookie is that pre-signed URLs are meant to share one file while pre-signed cookies grant access to multiple restricted files
You can create an _____ record at the top of a zone apex, but you cannot with a _____ record
You can create an Alias record at the top of a zone apex, but you cannot with a CNAME record
A VPC automatically comes with a default network ACL which ____ all inbound/outbound traffic. A _______ NACL _____ all traffic both inbound and outbound by default.
A VPC automatically comes with a default network ACL which allows all inbound/outbound traffic. A custom NACL denies all traffic both inbound and outbound by default.
Amazon Redshift Spectrum allows you to directly run ___ queries against exabytes of unstructured data in __. No loading or ____________ of data is required.
Amazon Redshift Spectrum allows you to directly run SQL queries against exabytes of unstructured data in S3. No loading or transformation of data is required.
The Pilot Light is a cost-effective disaster recovery strategy that ________ an existing application hosting environment in another AWS ______.
The Pilot Light is a cost-effective disaster recovery strategy that recreates an existing application hosting environment in another AWS Region.
Pilot Light saves cost by _________ ___ most or all resources and only uses the resources during tests or when DR failover is necessary. RPO is about 10 minutes, and RTO could be _____
Pilot Light saves cost by turning off most or all resources and only uses the resources during tests or when DR failover is necessary. RPO is about 10 minutes, and RTO could be hours
AWS Global Accelerator is used for ________ users of applications to local points of presence worldwide. It is not used for ________ content
AWS Global Accelerator is used for directing users of applications to local points of presence worldwide. It is not used for accessing content
An Alias record can only point to Cloudfront, Elastic _______, ELB, S3 _______, or another record in the same _____ zone
An Alias record can only point to Cloudfront, Elastic Beanstalk, ELB, S3 website or another record in the same hosted zone
Cloudfront Signed URLs provide more ________ over access to your content
Cloudfront Signed URLs provide more control over access to your content
AWS _________ Application Model (AWS SAM) is an AWS CloudFormation extension used to package, test, and deploy _________ applications.
AWS Serverless Application Model (AWS SAM) is an AWS CloudFormation extension used to package, test, and deploy serverless applications.
A launch configuration is an instance configuration template that an Auto Scaling group uses to launch ____
A launch configuration is an instance configuration template that an Auto Scaling group uses to launch EC2
Amazon S3 Select is designed to help ______ and process data within an S3 _____
Amazon S3 Select is designed to help analyze and process data within an S3 object
CloudFront is designed to handle _____ protocols, meanwhile, Global Accelerator is best used for both HTTP and non-HTTP protocols such as ____ and ___
CloudFront is designed to handle HTTP protocols, meanwhile, Global Accelerator is best used for both HTTP and non-HTTP protocols such as TCP and UDP
When Amazon ECS uses Fargate for computing, it incurs no ____ when the application is ____.
When Amazon ECS uses Fargate for computing, it incurs no costs when the application is idle.
An alias with an A and AAAA type record set can be used to _____ a DNS name to a _____ ________
An alias with an A and AAAA type record set can be used to point a DNS name to a Load Balancer
Amazon Lex is a service for building ____________ interfaces into any application using voice and text.
Amazon Lex is a service for building conversational interfaces into any application using voice and text.
A CNAME record _______ be pointed at a domain zone ____ record like dctlabs.com
A CNAME record cannot be pointed at a domain zone apex record like dctlabs.com
When you place DB instances in a _______ subnet, you add a layer of security.
When you place DB instances in a private subnet, you add a layer of security.
Each NACL includes a rule whose rule number is an asterisk. This rule ensures that it’s ______ if a packet doesn’t match any of the other numbered rules. You can’t ______ or remove this rule.
Each NACL includes a rule whose rule number is an asterisk. This rule ensures that it’s denied if a packet doesn’t match any of the other numbered rules. You can’t modify or remove this rule.
The way you add instances in private subnets to a public-facing ELB is to add _____ subnets in the same AZs as the ______ subnets to the ELB
The way you add instances in private subnets to a public-facing ELB is to add public subnets in the same AZs as the private subnets to the ELB
An A record simply points a name to an _________.
An A record simply points a name to an IP address.
Elasticache and DynamoDB can both be used to store ______ data.
Elasticache and DynamoDB can both be used to store session data.
Aurora Serverless incurs no compute costs when it is _____.
Aurora Serverless incurs no compute costs when it is idle.
You can add or remove rules from the _______ network ACL.
You can add or remove rules from the default network ACL.
A General Purpose SSD EBS volume is limited to __,____ IOPS for each volume
A General Purpose SSD EBS volume is limited to 16,000 IOPS for each volume
You can assign up to _____ security groups to an instance.
You can assign up to five security groups to an instance.
CloudFront uses Edge Locations to _____ content, while Global Accelerator uses Edge Locations to ____ an optimal pathway to the _______ regional endpoint.
CloudFront uses Edge Locations to cache content, while Global Accelerator uses Edge Locations to find an optimal pathway to the nearest regional endpoint.
Cloudfront Signed URLs can specify the beginning and expiration ____ and ____ for access, along with specific IPs or range or IPs
Cloudfront Signed URLs can specify the beginning and expiration date and time for access, along with specific IPs or range or IPs
Amazon Elasticsearch is a fully managed service that makes it easy for you to search, analyze and _______ data in ____-____
Amazon Elasticsearch is a fully managed service that makes it easy for you to search, analyze, and visualize data in real-time
To prevent direct connectivity to the EC2 instances from the internet, you can deploy your EC2 instances in a _______ subnet and have the ELB in a _______ subnet.
To prevent direct connectivity to the EC2 instances from the internet, you can deploy your EC2 instances in a private subnet and have the ELB in a public subnet.
You can specify the instance store volumes for your instance only when you ______ an instance.
You can specify the instance store volumes for your instance only when you launch an instance.
Origin access identity applies to _______ origins
Origin access identity applies to S3-bucket origins
You can associate an AWS Direct Connect gateway with a ______ gateway when you have multiple VPCs in the same _______ or a _______ private gateway.
You can associate an AWS Direct Connect gateway with a transit gateway when you have multiple VPCs in the same regionor avirtual private gateway.
You do not attach NAT gateways to VPCs; you add them to _______ subnets.
You do not attach NAT gateways to VPCs; you add them to public subnets.
Route 53 Geoproximity Routing Policy routes you to the nearest resource ______ a region.
Route 53 Geoproximity Routing Policy route you to the nearest resource within a region.
If your object size exceeds ___ MB, you should consider using _______ uploads instead of uploading the object in a single operation
If your object size exceeds 100 MB, you should consider using multipart uploads instead of uploading the object in a single operation
Amazon GuardDuty continuously monitors your AWS accounts and workloads for __________ activity and delivers detailed security findings for visibility and __________.
Amazon GuardDuty continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation.
EMR utilizes a hosted Hadoop framework running on Amazon ___ and ___.
EMR utilizes a hosted Hadoop framework running on Amazon EC2 and S3.
A Provisioned IOPS SSD EBS volume provides up to __,____ IOPS for each volume.
A Provisioned IOPS SSD EBS volume provides up to 64,000 IOPS for each volume.
EFS Security Groups act as a ________, and the rules you add define the ______ flow.
EFS Security Groups act as a firewall, and the rules you add define the traffic flow.
Route 53 charges for queries with _____ records but not for _____ Records
Route 53 charges for queries with CNAME records but not for Alias Records
S3 Transfer Acceleration is used to accelerate object ______ to S3 over ____ distances
S3 Transfer Acceleration is used to accelerate object uploads to S3 over long distances
AWS Transit Gateway ______ your VPCs and on-premises networks through a central hub like a cloud ______
AWS Transit Gateway connects your VPCs and on-premises networks through a central hub like a cloud router
AWS Transit Gateway puts an end to complex ________ connections since it acts as a cloud router for each new connection
AWS Transit Gateway puts an end to complex peering connections since it acts as a cloud router for each new connection
