ACM - AWS Certificate Manager Flashcards

1
Q

True or False: ACM lets you run a public or private CA.

A

True.

2
Q

True or False: a public ACM certificate uses a normal chain of trust, so it doesn’t require you to configure trust on your clients.

A

True.

3
Q

True or False: a private ACM certificate requires you to configure trust on your clients.

A

True.

4
Q

Can ACM generate certificates?

A

Yes

5
Q

What two verification methods can be used when ACM generates a certificate?

A

DNS or email verification.

6
Q

Why is DNS a better verification method when generating a certificate in ACM? (two reasons)

A
  1. Simplicity: If your domain is hosted with R53, ACM can auto-create the DNS verification records.
  2. Auto-renewal: ACM can auto-renew certs when DNS verification records are used.
7
Q

Can ACM import certificates from other sources?

A

Yes.

8
Q

ACM can only auto-renew one source of certificates - what is it?

A

Certificates generated by ACM.

9
Q

Whose responsibility is it to renew imported certificates?

A

Your responsibility (i.e., not AWS/ACM).

10
Q

In general terms, what services can ACM certs be deployed to?

A

Supported services only.

11
Q

Can ACM certs be deployed to any AWS service?

A

No. Only supported services.

12
Q

Can ACM certs be used with EC2?

A

No.

13
Q

Which screen is the EC2 configuration for ACM located on?

A

Trick question. ACM does not support deployment to EC2.

14
Q

What are two common services that ACM is used with?

A
  1. CloudFront.
  2. Elastic Load Balancer.
15
Q

Is ACM a global or region-based service?

A

It’s a regional service.

16
Q

When using a service such as ELB with ACM, what is the rule regarding the region that each service is in?

A

They must be in the same region.

17
Q

How is cross-region ACM use configured?

A

Trick question - you can’t. ACM and the service must be in the same region.

18
Q

Which ACM region does a global service like CloudFront use? Why is this?

A

The us-east-1 region.
Because all CloudFront Distributions are located in us-east-1.

19
Q

Does S3 use ACM?

A

No.

20
Q

How does a certificate get deployed to CloudFront Edge Locations? (two steps)

A
  1. ACM deploys the certificate to the distribution.
  2. The distribution then sends the cert to the Edge Locations.