ACG/DCT Exam Review Flashcards by Raymond Sylverne

Route 53 Geolocation Routing Policy uses your geographic location to route you to the _____ region.

Route 53 Geolocation Routing Policy uses your geographic location to route you to the closest region.

How well did you know this?

Not at all

Perfectly

To remove the Spot Instances, the appropriate steps are to _____ the Spot request and then to _______ the Spot Instances.

To remove the Spot Instances, the appropriate steps are to cancel the Spot request and then to terminate the Spot Instances.

How well did you know this?

Not at all

Perfectly

A CNAME record can point to ___ DNS record hosted ________

A CNAME record can point to any DNS record hosted anywhere

How well did you know this?

Not at all

Perfectly

AWS X-Ray lets you analyze and _____ serverless applications

AWS X-Ray lets you analyze and debug serverless applications

How well did you know this?

Not at all

Perfectly

A Throughput Optimized HDD EBS volume is an HDD-backed storage device that is limited to ____ IOPS for each volume

A Throughput Optimized HDD EBS volume is an HDD-backed storage device that is limited to 500 IOPS for each volume

How well did you know this?

Not at all

Perfectly

Tape Gateway emulates ________ tape libraries, removes the cost and complexity of managing physical ______________, and provides more ________ than physical tapes.

Tape Gateway emulates physical tape libraries, removes the cost and complexity of managing physical infrastructure, and provides more durability than physical tapes.

How well did you know this?

Not at all

Perfectly

All EBS types and all instance families support _________, but there is no direct way to change the _________ state of a volume once it’s been launched.

All EBS types and all instance families support encryption, but there is no direct way to change the encryption state of a volume once its been launched.

How well did you know this?

Not at all

Perfectly

POSIX permissions allows you to ______ access from hosts by _____ and _____.

POSIX permissions allows you to restrict access from hosts by user and group.

How well did you know this?

Not at all

Perfectly

Amazon Neptune offers a fully-managed _____ database

Amazon Neptune offers a fully-managed Graph database

How well did you know this?

Not at all

Perfectly

Amazon Kinesis Data Analytics is the easiest way to _______ streaming data in real-time with standard ___

Amazon Kinesis Data Analytics is the easiest way to process streaming data in real-time with standard SQL

How well did you know this?

Not at all

Perfectly

The key difference between a pre-signed URL and a pre-signed Cookie is that pre-signed URLs are meant to share ___ file while pre-signed cookies grant access to ________ restricted files

The key difference between a pre-signed URL and a pre-signed Cookie is that pre-signed URLs are meant to share one file while pre-signed cookies grant access to multiple restricted files

How well did you know this?

Not at all

Perfectly

You can create an _____ record at the top of a zone apex, but you cannot with a _____ record

You can create an Alias record at the top of a zone apex, but you cannot with a CNAME record

How well did you know this?

Not at all

Perfectly

A VPC automatically comes with a default network ACL which ____ all inbound/outbound traffic. A _______ NACL _____ all traffic both inbound and outbound by default.

A VPC automatically comes with a default network ACL which allows all inbound/outbound traffic. A custom NACL denies all traffic both inbound and outbound by default.

How well did you know this?

Not at all

Perfectly

Amazon Redshift Spectrum allows you to directly run ___ queries against exabytes of unstructured data in __. No loading or ____________ of data is required.

Amazon Redshift Spectrum allows you to directly run SQL queries against exabytes of unstructured data in S3. No loading or transformation of data is required.

How well did you know this?

Not at all

Perfectly

The Pilot Light is a cost-effective disaster recovery strategy that ________ an existing application hosting environment in another AWS ______.

The Pilot Light is a cost-effective disaster recovery strategy that recreates an existing application hosting environment in another AWS Region.

How well did you know this?

Not at all

Perfectly

Pilot Light saves cost by _________ ___ most or all resources and only uses the resources during tests or when DR failover is necessary. RPO is about 10 minutes, and RTO could be _____

Pilot Light saves cost by turning off most or all resources and only uses the resources during tests or when DR failover is necessary. RPO is about 10 minutes, and RTO could be hours

How well did you know this?

Not at all

Perfectly

AWS Global Accelerator is used for ________ users of applications to local points of presence worldwide. It is not used for ________ content

AWS Global Accelerator is used for directing users of applications to local points of presence worldwide. It is not used for accessing content

How well did you know this?

Not at all

Perfectly

An Alias record can only point to Cloudfront, Elastic _______, ELB, S3 _______, or another record in the same _____ zone

An Alias record can only point to Cloudfront, Elastic Beanstalk, ELB, S3 website or another record in the same hosted zone

How well did you know this?

Not at all

Perfectly

Cloudfront Signed URLs provide more ________ over access to your content

Cloudfront Signed URLs provide more control over access to your content

How well did you know this?

Not at all

Perfectly

AWS _________ Application Model (AWS SAM) is an AWS CloudFormation extension used to package, test, and deploy _________ applications.

AWS Serverless Application Model (AWS SAM) is an AWS CloudFormation extension used to package, test, and deploy serverless applications.

How well did you know this?

Not at all

Perfectly

A launch configuration is an instance configuration template that an Auto Scaling group uses to launch ____

A launch configuration is an instance configuration template that an Auto Scaling group uses to launch EC2

How well did you know this?

Not at all

Perfectly

Amazon S3 Select is designed to help ______ and process data within an S3 _____

Amazon S3 Select is designed to help analyze and process data within an S3 object

CloudFront is designed to handle _____ protocols, meanwhile, Global Accelerator is best used for both HTTP and non-HTTP protocols such as ____ and ___

CloudFront is designed to handle HTTP protocols, meanwhile, Global Accelerator is best used for both HTTP and non-HTTP protocols such as TCP and UDP

When Amazon ECS uses Fargate for computing, it incurs no ____ when the application is ____.

When Amazon ECS uses Fargate for computing, it incurs no costs when the application is idle.

An alias with an A and AAAA type record set can be used to **\_\_\_\_\_** a DNS name to a **\_\_\_\_\_ \_\_\_\_\_\_\_\_**

An alias with an A and AAAA type record set can be used to **point** a DNS name to a **Load Balancer**

Amazon Lex is a service for building ____________ interfaces into any application using voice and text.

Amazon Lex is a service for building **conversational** interfaces into any application using voice and text.

A CNAME record _______ be pointed at a domain zone ____ record like dctlabs.com

A CNAME record **cannot** be pointed at a domain zone **apex** record like dctlabs.com

When you place DB instances in a _______ subnet, you add a layer of security.

When you place DB instances in a private subnet, you add a layer of security.

Each NACL includes a rule whose rule number is an asterisk. This rule ensures that it's **\_\_\_\_\_\_** if a packet doesn't match any of the other numbered rules. You can't **\_\_\_\_\_\_** or remove this rule.

Each NACL includes a rule whose rule number is an asterisk. This rule ensures that it's **denied** if a packet doesn't match any of the other numbered rules. You can't **modify** or remove this rule.

The way you add instances in private subnets to a public-facing ELB is to add **\_\_\_\_\_** subnets in the same AZs as the **\_\_\_\_\_\_** subnets to the ELB

The way you add instances in private subnets to a public-facing ELB is to add **public** subnets in the same AZs as the **private** subnets to the ELB

An **A** record simply points a name to an \_\_\_\_\_\_\_\_\_.

An **A** record simply points a name to an **IP address**.

Elasticache and DynamoDB can both be used to store ______ data.

Elasticache and DynamoDB can both be used to store **session** data.

Aurora Serverless incurs no compute costs when it is \_\_\_\_\_.

Aurora Serverless incurs no compute costs when it is **idle**.

You can add or remove rules from the **\_\_\_\_\_\_\_** network ACL.

You can add or remove rules from the **default** network ACL.

A General Purpose SSD EBS volume is limited to **\_\_,\_\_\_\_** IOPS for each volume

A General Purpose SSD EBS volume is limited to **16,000** IOPS for each volume

You can assign up to _____ security groups to an instance.

You can assign up to **five** security groups to an instance.

CloudFront uses Edge Locations to **\_\_\_\_\_** content, while Global Accelerator uses Edge Locations to **\_\_\_\_** an optimal pathway to the **\_\_\_\_\_\_\_** regional endpoint.

CloudFront uses Edge Locations to **cache** content, while Global Accelerator uses Edge Locations to **find** an optimal pathway to the **nearest** regional endpoint.

Cloudfront Signed URLs can specify the beginning and expiration ____ and ____ for access, along with specific IPs or range or IPs

Cloudfront Signed URLs can specify the beginning and expiration **date** and **time** for access, along with specific IPs or range or IPs

Amazon Elasticsearch is a fully managed service that makes it easy for you to search, analyze and **\_\_\_\_\_\_\_** data in **\_\_\_\_-\_\_\_\_**

Amazon Elasticsearch is a fully managed service that makes it easy for you to search, analyze, and **visualize** data in **real-time**

To prevent direct connectivity to the EC2 instances from the internet, you can deploy your EC2 instances in a **\_\_\_\_\_\_\_** subnet and have the ELB in a **\_\_\_\_\_\_\_** subnet.

To prevent direct connectivity to the EC2 instances from the internet, you can deploy your EC2 instances in a **private** subnet and have the ELB in a **public** subnet.

You can specify the instance store volumes for your instance only when you **\_\_\_\_\_\_** an instance.

You can specify the instance store volumes for your instance only when you **launch** an instance.

Origin access identity applies to **\_\_\_\_\_\_\_** origins

Origin access identity applies to **S3-bucket** origins

You can associate an AWS Direct Connect gateway with a **\_\_\_\_\_\_** gateway when you have multiple VPCs in the same _______ or a _______ private gateway.

You can associate an AWS Direct Connect gateway with a **transit** gateway when you have multiple VPCs in the same **r****egion**or a**virtual** private gateway.

You do not attach NAT gateways to VPCs; you add them to _______ subnets.

You do not attach NAT gateways to VPCs; you add them to **public** subnets.

Route 53 Geoproximity Routing Policy routes you to the nearest resource ______ a region.

Route 53 Geoproximity Routing Policy route you to the nearest resource **within** a region.

If your object size exceeds **\_\_\_** MB, you should consider using **\_\_\_\_\_\_\_** uploads instead of uploading the object in a single operation

If your object size exceeds **100** MB, you should consider using **multipart** uploads instead of uploading the object in a single operation

Amazon GuardDuty continuously monitors your AWS accounts and workloads for **\_\_\_\_\_\_\_\_\_\_** activity and delivers detailed security findings for visibility and **\_\_\_\_\_\_\_\_\_\_**.

Amazon GuardDuty continuously monitors your AWS accounts and workloads for **malicious** activity and delivers detailed security findings for visibility and **remediation**.

EMR utilizes a hosted Hadoop framework running on Amazon **\_\_\_** and **\_\_\_**.

EMR utilizes a hosted Hadoop framework running on Amazon **EC2** and **S3**.

A Provisioned IOPS SSD EBS volume provides up to \_\_,\_\_\_\_ IOPS for each volume.

A Provisioned IOPS SSD EBS volume provides up to **64,000** IOPS for each volume.

EFS Security Groups act as a \_\_\_\_\_\_\_\_, and the rules you add define the ______ flow.

EFS Security Groups act as a **firewall**, and the rules you add define the **traffic** flow.

Route 53 charges for queries with _____ records but not for _____ Records

Route 53 charges for queries with **CNAME** records but not for **Alias** Records

S3 Transfer Acceleration is used to accelerate object **\_\_\_\_\_\_** to S3 over **\_\_\_\_** distances

S3 Transfer Acceleration is used to accelerate object **uploads** to S3 over **long** distances

AWS Transit Gateway **\_\_\_\_\_\_** your VPCs and on-premises networks through a central hub like a cloud \_\_\_\_\_\_

AWS Transit Gateway **connects** your VPCs and on-premises networks through a central hub like a cloud **router**

AWS Transit Gateway puts an end to complex **\_\_\_\_\_\_\_\_** connections since it acts as a cloud router for each new connection

AWS Transit Gateway puts an end to complex **peering** connections since it acts as a cloud router for each new connection