AWS

Question 1

AWS Lambda

Answer 1

vm managed entirely by AWS

Question 1

AWS Fargate

Answer 1

containers managed entirely by AWS

Question 2

AWS S3

Answer 2

-unlimited storage
-individual objects up to 500 GBs
-Write once, read only (WORM)
-99.99% durability

Question 3

AWS EC2 instances

Answer 3

virtual machines

Question 4

AWS ECS elastic container service

Answer 4

docker containers instead of vms

Question 5

AWS EKS elastic kubernetes service

Answer 5

docker containers managed by aws kubernetes

Question 6

AWS SQS

Answer 6

Simple Queue System

Question 7

AWS SNS

Answer 7

Simple Notification System

Question 8

AWS EFS (elastic file system)

Answer 8

-Multiple instances can access the data in EFS at the same time
-scales up and down automatically
-Linux file system
-Regional resource
-Can store data across multiple Availability Zones

Question 9

AWS EBS

Answer 9

-Block storage for EC2 instances
-In order to use EBS you need to be in the same AZ (availability zone)

Question 10

AWS RDS (Relational Database Service)

Answer 10

-MySQL
-PostgreSQL
-Oracle
-Microsoft SQL Server

lift and shift migration
lift and shift the database from on premise to AWS

-Automated patching
-Backups
-Redundancy
-Failover
-Disaster recovery

Amazon Aurora
-Supports MySQL and PostgeSQL Amazon own Db
-1/10 is the price from commercial db
-continuous backups

Question 11

Amazon Dynamo DB

Answer 11

Serverless database
-tables
—–items
———-attributes

Milisecond response time

simple flexible schema
evey item can have different attributes
Non-relational No SQL database
Fully managed

Question 12

Amazon Redshift

Answer 12

Data warehouses
-data warehouses as a service, single SQL against massive data
-

Question 13

AWS Database Migration Service

Answer 13

Migrate a database between a source and destination
-source db remains fully operational during migration
-downtime is minimized for apps that rely on that database
-the source and target dbs don’t have to be of the same type

Homogenous dbs
- MySQL to Amazon MySQL
-Same db to other Db
-schema struct, data types and database code is compatible

Heterogenous migration
-different schema
-tool for conversion the schema and the code
-migrate from source to destination

development and test database migrations
-test against test data w/o affecting prod users
database consolidation
-have several databases consolidate into 1
continuous database replication
-continuous use rds to perform data replication for disaster recovery

Question 14

Amazon Document DB, Amazon Neptune, Amazon Managed Blockchain

Answer 14

Document DB - variation of Mongo DB
Neptune -
Managed Blockchain - AWS version of blockchain

Question 15

AWS Shared Responsibility Model

Answer 15

Part of it is managed by the client
———-platform apps, OS, client side data encryption
Part of it is managed by AWS
————Compute, Storage, Database, Networking
AWS global infra, Regions Edge locations and Availability zones

Question 16

Users and Permissions

Answer 16

AWS root account user - MFA that account

IAM groups for users
Policies
Roles - associated permissions or associated to temp permissions

Question 17

AWS organizations

Answer 17

—centalized management
—consolidated billing
—hierarhical groupings of accounts
—-AWS service and API actions access control

Question 18

DDOS

Answer 18

UDP flood
- makes a request to a server and points the wrong return address to flood that server
- HTTP attacks
- SlowLoris attack - the attacker pretends to have a slow internet connection

-Solutions
———UDP flood -> Security Groups
———slowloris - elastic load balancer, you have to load the entire availability zone

——— custom attacks -> aws shield with aws waf - web app firewall filtering traffic

Question 19

Additional security services

Answer 19

aws kms service (key management service)
amazon inspector
——-network configuration reachability piece
——–amazon agent
——-security assessment service
amazon guard duty
——- identifies threats by monitoring the network activity and account behavior within aws environment

Question 20

Amazon CloudWatch

Answer 20

Metrics: Variables tied to your resources
Cloudwatch alarm for a certain resource, integrated with SNS
Benefits
-Access all your metrics from a central location
-Gain visibility into your apps, infrastructure and services
- Reduce MTTR and improve TCO

Question 21

Amazon CloudTrail

Answer 21

showing trails of interactions with system settings
answering the question what, who, when, how

Question 22

AWS Trusted Advisor

Answer 22

-Cost optimization
-Performance
-Security
-Fault tolerance
-Service limits