aws Flashcards
AWS Support API
Business & Enterprise
Which of the following can you use to resolve the connection between your on-premises VPN and your AWS virtual private cloud?
VPG, Route 53
Backup
Manage backup across services
Which of the following is typically used to secure your VPC subnets?
Network ACL
Serverless compute for containers
Fargate
For audit data, used infrequently, doesn’t need fast access.
S3 Glacier
What is the best way to keep track of all activities made in your AWS account?
Create a multi-region trail in AWS CloudTrail
Managed Blockchain
DB service. Create and manage scalable blockchain networks
Which service lets you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers, or custom URIs?
AWS WAF
2 CPUs, 4GB Memory, 8TB storage
Snowcone
Business Support Plan
Developer + full Trusted Advisor, 4-hour SLA for impaired, 1-hour SLA for down. Use-case guidance, limited support for 3rd-party software
CodeArtifact
artifact management for development
App Mesh
monitor and control microservices
SageMaker
Machine learning
Which of the following services will be able to reroute traffic to your secondary EC2 instances in another region during disaster recovery?
Amazon Route 53
Basic + 24-hour SLA, 12-hour SLA if systems impaired, diagnostic tools
Developer Support Plan
NoSQL database, serverless
DynamoDB
ElastiCache
cache over DBs
certain permissions, used for a temporary amount of time
Role
Deliver business value, constantly improving
Operational Excellence
details of resources in your account, relationships, configs
Config
S3 Infrequent Access One Zone
Only stored in one availabilty zone
Which of the following should you set up in order to connect your AWS VPC network to your local network via an IPsec tunnel?
A VPN gateway in your VPC connected to the Customer Gateway in your on-premises network
Web-based interface for accessing and managing AWS services. Includes wizards and automated workflows. Has a mobile app. Good for initial set-up, but manual, so human error can be a problem.
Management Console
Storage-optimized (80TB) or compute-optimized (42TB)
Snowball
Lift & shift - don’t change anything, just move to AWS
Rehost
Managed Relational Database Service for MySQL, PostgreSQL, Oracle, SQL Server, and MariaDB
RDS
Cloud9
Write, Run, and Debug Code on a Cloud IDE
Network Firewall
stateful, managed, network firewall
Redshift
Data Warehousing
Which of the following services are part of the AWS serverless platform that does not require provisioning, maintaining, and administering servers for backend components?
Lambda@Edge, Amazon API Gateway
Contact Center
Connect
Change management, right people right roles, training
People Perspective
Analyze and debug your applications
X-Ray
Aurora
serverless MySQL DB, Relational database, six copies, three availability zones. Continuous backup to S3.
every API request is tracked, records all the details, for RCA
CloudTrail
CodeBuild
Build and Test Code
X-Ray
Analyze and debug your applications
Marketplace
Curated catalog of 3rd-party software
Commit to consistent usage for 1- or 3- year term. Up to your commitment at discounted prices, beyond that at on-demand pricing. Can be used for serverless as well. Measured in dollars per hour.
savings plan
Data Warehousing
Redshift
Which among the options below can you use to launch a new Amazon RDS database cluster to your VPC?
AWS Management Console, AWS CloudFormation
Data Pipeline
automate movement and transformation of data
Platform Perspective
Patterns, principles for architecture, migration
Simple Storage Service - scalable, access to multiple instances, but can be accessed by other cloud services, large volumes of static content, and complex queries, flat storage, analytics, archiving
S3
DynamoDB
NoSQL database, serverless
connects an on-premises software appliance with cloud-based storage
Storage Gateway
Enterprise Support Plan
Business + 15-minute SLA, dedicated Technical Account Manager
Migration Hub
Find best migration tool and monitor migrations
- AWS Management Console 2. AWS Command Line Interface 3. Software Development Kits 4. AWS Elastic Beanstalk 5. AWS CloudFormation
tools/services to provision resources
Build, Deploy, and Manage APIs
API Gateway
A customer is building a cloud architecture in AWS which should scale horizontally or vertically in order to automatically adjust capacity and maintain steady, predictable performance at the lowest possible cost. Which of the following statements are true regarding horizontal and vertical scaling?
Adding more EC2 instances to your resource pool is an example of Horizontal Scaling, Upgrading to a higher EC2 instance type is an example of Vertical Scaling
Basic set-up with basic tools to get started on AWS
Lightsail
Which of the following is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads?
Amazon GuardDuty
Define business operations to meet business goals
Operations Perspective
Snow Family
Migration services when you have slow/no connection - physical devices to transform and/or compute, can transfer your data then send to Amazon for uploading
CloudHSM
Hardware-based Key Storage for Regulatory Compliance
Which of the following are the things that Amazon CloudWatch Logs can accomplish
Monitor application logs from Amazon EC2 Instances, Adjust the retention policy for each log group
In which of the following occasions should you use the Amazon SQS in your application system? (Select TWO.)
If you need to decouple certain parts of your system for better fault tolerance
If you require a durable storage for your application events or messages
Use IT & computing resources efficiently
Performance Efficiency
Among the following services, which is the most suitable one to use to store the results of I/O-intensive SQL database queries to improve application performance?
Amazon ElastiCache
Which service in AWS protects your resources from common DDoS attacks in a proactive manner?
AWS Shield
Database Migration Service - can migrate relational or non-relational, can convert type, consolidate
DMS
Firewall Manager
Central Management of Firewall Rules
Build and Test Code
CodeBuild
securely share your resources across AWS accounts and within your organization or organizational units (OUs) in AWS Organizations
Resource Access Manager (RAM)
Which of the following are regarded as regional services in AWS
EFS, Batch
Inspector
security vulnerability assessment - vulnerabilities or deviations from best practices - security findings prioritized by level of severity
Model cloud infrastructure using code
Cloud Development Kit (CDK)
In front of your VPC to allow public traffic in
Internet Gateway (IGW)
Business Analytics
QuickSight
Free-tier
some stuff always free (usually with usage limits), 12-months free, and free-trials
Lift, tinker, & shift - make a few optimizations when you rehost
Replatform
Dedicated fiber connection from your data center to AWS - for lower latency on VPC.
Direct Connect
You are permitted to conduct security assessments and penetration testing without prior approval against which AWS resources?
Amazon RDS, Amazon Aurora
Storage that comes with an EC2 instance - attached to the instance, when the instance is stopped, the storage goes away. Fine for temporary files.
Instance Store Volume
Elastic File Service - can be mounted to multiple instances, scalable, like a hard drive in a file structure
EFS
Inspects services, recommendations for best practices: cost, performance, security, fault tolerance, service limits
Trusted Advisor
Data Exchange
third-party data
Find best migration tool and monitor migrations
Migration Hub
Shield
DDoS Protection
Cheaper and slower than Glacier
S3 Glacier Deep Archive
Automate Code Deployment
CodeDeploy
Migrate On-Premises Servers to AWS
Server Migration Service
Accelerated Computing instance
hardware accelerators, graphics processing, data pattern matching
Repurchase
Go with a new vendor
SDK provides customers with the ability to migrate timing-critical uncompressed video workflows to the cloud
The Cloud Digital Interface (CDI)
RDS
Managed Relational Database Service for MySQL, PostgreSQL, Oracle, SQL Server, and MariaDB
Glue
Serverless - data engineers, data scientists
Cost insights
Application Cost Profiler
Release Software using Continuous Delivery
CodePipeline
What is the minimum support plan that will provide you access to all Trusted Advisor Checks?
Business
Steady-state workloads or predictable usage. 1- or 3- year term.
Reserved instance pricing
6 Benefits of Cloud computing
- Trade upfront expense for variable expense 2. Stop spending $ to run data centers 3. Stop guessing capacity 4. Economies of scale 5. Increase speed and agility 6. Go global in minutes
Transit Gateway
Easily scale VPC and account connections
Operations Perspective
Define business operations to meet business goals
Create and Manage Resources with Templates. Provision instances and build environments with code, no manual actions.
CloudFormation
QuickSight
Business Analytics
DDoS Protection
Shield
Automated lift-and-shift migration, simplifies and expedites migration to AWS.
Application Migration Service
Audit Manager
audit your services & security against industry standards, regulations
Snowcone
2 CPUs, 4GB Memory, 8TB storage
Which of the following best describes what CloudWatch can be used for
A repository for metrics and logs
Security Perspective
Meet security objectives
Management Console
Web-based interface for accessing and managing AWS services. Includes wizards and automated workflows. Has a mobile app. Good for initial set-up, but manual, so human error can be a problem.
- Rehost 2. Replatform 3. Retire 4. Retain 5. Repurchase 6. Refactor
Migration Strategies 6 Rs
Neptune
Fully Managed Graph DB service
Global Accelerator
Improve application availability and performance
Direct Connect
Dedicated fiber connection from your data center to AWS - for lower latency on VPC.
Server Migration Service
Migrate On-Premises Servers to AWS
CloudFront
CDN to edge locations
Subnet
One chunk of IP addresses. Like things are grouped. Subnets can be public or private.
Fast performance for processing large datasets in memory
Memory Optimized instance
Application Cost Profiler
Cost insights
What is the best type of instance purchasing option to choose if you will run an EC2 instance for 3 months to perform a job that is uninterruptible?
On-Demand
Instance Store Volume
Storage that comes with an EC2 instance - attached to the instance, when the instance is stopped, the storage goes away. Fine for temporary files.
web application firewall - block or allow requests based on conditions that you specify
WAF
Serverless Application Repository
Discover, Deploy, and Publish Serverless Applications
Elastic Container Service - Manage Docker containers
ECS
Fargate
Serverless compute for containers
Resource Access Manager (RAM)
securely share your resources across AWS accounts and within your organization or organizational units (OUs) in AWS Organizations
Lambda
serverless computing
45-ft shipping container delivered by semi, 100 petabytes
Snowmobile
monitor and control microservices
App Mesh
Security group
Security on an instance - every instance has one. By default, nothing allowed in until you add rules. Stateful. Whitelist.
ensure IT aligns with business
Business Perspective
Fault Injection Simulator
Fully managed fault injection service
OpsWorks
Automate Operations with Chef and Puppet
DB service. Create and manage scalable blockchain networks
Managed Blockchain
Which of the following statements is true for AWS CloudTrail?
When you create a trail in the AWS Management Console, the trail applies to all AWS Regions by default
Build conversational interfaces with voice and text
Lex
Business + 15-minute SLA, dedicated Technical Account Manager
Enterprise Support Plan
Which of the following is the most cost-effective service to use if you want to coordinate multiple AWS services into serverless workflows?
A VPN gateway in your VPC connected to the Customer Gateway in your on-premises network
hardware accelerators, graphics processing, data pattern matching
Accelerated Computing instance
audit your services & security against industry standards, regulations
Audit Manager
Securely Access Services Hosted on AWS
PrivateLink
savings plan
Commit to consistent usage for 1- or 3- year term. Up to your commitment at discounted prices, beyond that at on-demand pricing. Can be used for serverless as well. Measured in dollars per hour.
DataSync
Simple, fast, online data transfer
VPC
Isolated Cloud Resources
Control Tower
manage governance rules across accounts
recommend optimal Compute resources
Compute Optimizer
Discover, Deploy, and Publish Serverless Applications
Serverless Application Repository
Identity and Access Management (IAM)
control user access to AWS services, JSON, don’t use root user
A new AWS customer needs to deploy up to 100 t3a.large EC2 instances on their recently launched VPC, which is way beyond the default service limit. What should they do before launching their instances?
Create a case in the AWS Support Center page and request a service limit increase.
S3 Infrequent Access (S3 IA)
Accessed less frequently, but needs rapid access when it is used. Stored in at least 3 availability zones. Lower storage price, higher retrieval price
Security on an instance - every instance has one. By default, nothing allowed in until you add rules. Stateful. Whitelist.
Security group
for data with unknown access patterns - analyzes and moves to the class matching use
S3 Intelligent-tiering
What service acts as a firewall for your EC2 instances?
Security Group
four factors to consider in selecting a Region
- Compliance with data governance (company or government) 2. Proximity to customers 3. Availability of features 4. Pricing
cache over DBs
ElastiCache
Which of the following allows you to create and deploy infrastructure-as-code templates in AWS?
CloudFormation
What is the lowest support plan that allows an unlimited number of technical support cases to be opened?
Developer
Launch Wizard
third party applications
A company needs to troubleshoot an issue on their serverless application which is composed of an API Gateway, Lambda function, and a DynamoDB database. Which service should they use to trace user requests as they travel through their entire application?
AWS X-Ray
Know this structure of AWS Security
