AWS Caching, Governance, Migration

Question 1

What are the two types of caching that AWS supports ?

Answer 1

Internal caching: ElastiCache for database DAX for dynamo DB
External caching: Cloudfront CDN, Global accelerator

Question 2

What is cloudFront?

Answer 2

CloudFront is a CDN that securely delivers data and reduces latency

Question 3

What data is the most suitable for caching?

Answer 3

Static data

Question 4

What is the best service for delivering our data to our users faster?

Answer 4

CloudFront

Question 5

What mechanism is used to make sure your data doesn’t become stale?

Answer 5

TTL Settings

Question 6

What service will help you avoid issues with cached IP’s?

Answer 6

Global Accelerator

Question 7

What is global accelerator?

Answer 7

Is a networking service that send your users’ traffic through AWS’s global network infrastructure. It can increase performance and help deal with IP caching

Question 8

How do you add HTTPS to a static website being hosted in an S3 bucket?

Answer 8

CloudFront

Question 9

What are AWS’s two options for in-memory databases?

Answer 9

Redis, DynamoDB

Question 10

What is ElasticCache?

Answer 10

Is a managed version of 2 open source caching solutions, Memchached and Redis.

Question 11

What is the difference between Memcached and Redis?

Answer 11

Both are database caching solutions but Redis can also be a standalone in memory database with support for failover, backups and multi AZ

Question 12

What is DAX?

Answer 12

DynamoDB accelerator is a in memory cache for dynamoDB that reduces response times from milliseconds to microseconds

Question 13

What is AWS organizations?

Answer 13

A free governance tool by AWS that allows you to manage multiple accounts

Question 14

What is the best practice for centralizing all your logs and making sure they can’t be accidentally deleted.

Answer 14

Creating a logging account with AWS organizations and restricting access using SCP’s

Question 14

What are SCP’s

Answer 14

Service Control Policies are policies that are set up in AWS organization that limits the Access of the AWS accounts that they are attached to

Question 15

What’s the difference between Allow policies and Deny SCPs

Answer 15

Allow Service Control Policies will only give an account access to the services that are listed “filtering out all other services” A deny policy will deny access to the listed services

Question 16

What are the main benefits of using AWS organisations?

Answer 16

1. Logging accounts
2. Programmatic Creation
3. Reserved Instances
4. Consolidated Billing
5. Service Control policies

Question 17

Can you share reserved instance across multiple accounts?

Answer 17

Yes you can using AWS organisations

Question 18

What is AWS RAM?

Answer 18

Resource access management is a AWS feature that allows you to share aws resources such as a VPC between multiple accounts. Internal or External to your organizaition

Question 19

How much does AWS RAM cost?

Answer 19

Resource Access Management is free

Question 20

What is the difference between sharing a VPC using RAM and VPC peering?

Answer 20

RAM is easier and is generally suitable for Intra organization sharing
VPC Peering excels when you’re connecting 2 separate networks (Inter organization)

Question 21

What are cross account roles ?

Answer 21

It’s a IAM feature that allows you to give the user of another role access to resources inside your account

Question 22

What is the preferred way of giving a user access to your AWS resources?

Answer 22

Give them role access

Question 23

What is AWS Config?

Answer 23

AWS Config is an inventory management and control tool that allows you to show what infrastructure you have set up and the history of your infrastructure including deleted resources. It also allows you to create rules and enforce standards for how your infrastructure should be configured

Question 24

What is the best tool to check that your resources conform to the set of standards you have configured ?

Answer 24

AWS Config

Question 25

What are the four main features of AWS config ?

Answer 25

1. Standards definition and enforcement
2. Enforcement
3. View Resource history including deleted resources
4. Consolidation to a single region

Question 26

What is AWS Directory Service?

Answer 26

It is a fully managed version of Active Directory.

Question 27

What are the three typed of AWS Directory service?

Answer 27

1. Managed Microsoft AD: The full AD suite deployed in AWS
2. AD Connect: Creates a tunnel between AWS and your on-premises AD
3. Simple AD: Standalone directory powered by Linux Samba AD compatible Server

Question 28

When would you want to use AD Connect not Managed Microsoft AD?

Answer 28

When you don’t want to fully move your AD deployment to the cloud

Question 29

What is AWS Cost Explorer?

Answer 29

It is an easy to use tool that allows you to visualize your cloud costs and filter those costs based on a variety of structures including resource tags. It also allows you to forecast future spend

Question 30

What do you have to do to be able to use a tag for filtering in Cost Explorer?

Answer 30

Setup the tag as a cost allocation Tag

Question 31

What are the three main features of AWS Cost Explorer?

Answer 31

1. Understand Bills and Filter by tags: Can help filter by departement
2. Generate Budgets and reports
3. Predict future spend

Question 32

What are the three main features of AWS Cost Explorer?

Answer 32

1. Understand Bills and Filter by tags: Can help filter by department
2. Generate Budgets and reports
3. Predict future spend

Question 33

What is AWS budgets?

Answer 33

AWS budgets is a budgeting tool that allows you to easily set budgets based on costs, Usage, Reservations and Savings Plans and alert on certain thresholds

Question 34

What is CUR?

Answer 34

Costs and Usage Reports It is the most comprehensive and detailed view of your AWS spending

Question 35

What are the main features of CUR?

Answer 35

1. Comprehensive
2. Centralized: Can send all your reports to S3
3. Use with organizations
4. AWS intergrations with Athena, Redshift, QuickSight

Question 36

What is AWS Compute Optimizer?

Answer 36

It provides recommendations based on collected utilization and configuration metrics

Question 37

What 4 resources does AWS Optimizer work with?

Answer 37

1. Amazon EC2
2. Auto Scailing groups
3. AWS Lambda
4. Amazon EBS

Question 38

What is AWS Optimizations default state?

Answer 38

Disabled by default

Question 39

What are the three types of user accounts?

Answer 39

1. Standalone accounts
2. Member accounts: an account that is part of a organization
3. Management Account: AWS organizations management account

Question 40

What are AWS savings plans?

Answer 40

Flexible offerings for pricing on AWS compute usage, Similar to reserved instances

Question 41

What are the 3 savings plans types?

Answer 41

1. General Compute Savings Plans,
2. EC2 instance savings plans
3. SageMaker Savings Plans

Question 42

What is the pricing structure for saving plans?

Answer 42

1 and 3 year agreements. All upfront, Partial Upfront, No upfront

Question 43

What is AWS trusted adviser?

Answer 43

It is a fully managed best-practice auditing tool.

Question 44

What are the five areas that AWS trusted adviser will scan in your account?

Answer 44

1. Cost Optimization
2. Performance
3. Security
4. Fault Tolerance
5. Service Limits

Question 45

What is the best way to action AWS trusted advisor recommendations?

Answer 45

1. Set alerts
2. Automate responses to those alerts
   Note: AWS trusted advisor will not fix any problems just notify

Question 46

What is the cost of AWS trusted advisor?

Answer 46

Some services are free but other require payment

Question 47

What is AWS Control Tower?

Answer 47

The quickest way to create and manage secure, compliant, multi-account environment based on best practices (Account Orchestration)

Question 48

What are the five features of Control Tower

Answer 48

1. Landing zones
2. Guard rails
3. Account factory
4. CloudFormation StackSet
5. Shard Accounts

Question 49

What is a Control Tower Landing zone?

Answer 49

Well-achitected, multi-account environment

Question 50

What are the two types of Guardrails?

Answer 50

Preventive: use SCPs to allow or disallow actions (supported in all regions)
Detective: use AWS config rules just notifies (support in certain regions)

Question 51

What are the types of Control tower shared accounts?

Answer 51

1. Management account
2. Log Archive account
3. Audit account

Question 52

What are guard rails?

Answer 52

High level rules providing continuous governance for the AWS envirnoment

Question 53

What is account factory?

Answer 53

Configurable account template for the standardizing pre-approved configs of new accounts

Question 54

What is CloudFormation StackSet?

Answer 54

Automated deployment of templates deploying repeated resources for governance

Question 55

What is AWS license manager?

Answer 55

A service that makes managing licenses simpler and more efficient.

Question 56

What are the four features of License manager?

Answer 56

1. Centralized
2. Set Usage Limits
3. Reduces Overages
4. Supports software based on physical machine limits

Question 57

What is AWS Health / AWS personal health

Answer 57

It is a service that allows you to gain visibility into services and resource health of your AWS resources and accounts. It can inform you AWS maintenance and availability events (Specific and public events)

Question 58

What is AWS service catalog ?

Answer 58

It is a versioned, centralized catalog of pre-approved multipurpose components (AMIs, servers, software, databases …) That is defined as cloud formation templates to allow standardization and self-service of resources

Question 59

What is AWS Proton?

Answer 59

It is a service that offers standardized infrastructure as code provisioning and deployment of serverless/container architectures including deployment of code

Question 60

What is AWS WA tool?

Answer 60

AWS Well-Architected Tool is a tool for measuring current workloads against established AWS best practices and Historical data. It aids in documentation of workload and architecture decisions

Question 61

What is the AWS Snow family?

Answer 61

A set of secure appliances that provide peta-byte scale migration into and out of AWS so offering built-in compute

Question 62

What are the member of the Snow Family?

Answer 62

1. SnowCone: up to 8TB
2. SnowBall: 50 -80TB comes in storage, compute and GPU variants
3. SnowMobile: 100 PB

Question 63

How long does migration take when using the snow family?

Answer 63

About a week

Question 64

What is Storage Gateway?

Answer 64

Storage gateway is a hybrid cloud storage service that helps you merge on-premises resources with the cloud

Question 65

What are the three types of Storage Gateway?

Answer 65

1. File Gateway: NFS or SMB
2. Volume Gateway: iSCSI
3. Tape Gateway: Archive

Question 66

What are the two general modes supported by Storage Gateway?

Answer 66

1. Caching recent files on premises with main storage in AWS
2. Storing all files in AWS

Question 67

What are the main use cases for AWS Gateway?

Answer 67

Scalable Hybrid storage solution with AWS
Migration to AWS

Question 68

What is AWS DataSync?

Answer 68

It is a Secure (TLS) agent-based solution primarily for migrating on-premises storage to AWS. It allows you to easily move data between NFS and SMB and AWS S3, EFS, and FSx

Question 69

What is the AWS transfer family?

Answer 69

It is a solution that allows you to move files in and out of S3 or EFS using (SFTP, FTPS Externally) and FTP(Within the VPC in AWS)

Question 70

What is AWS Migration Hub?

Answer 70

It is a centralized dashboard where you can view SMS and DMS migration

Question 71

What is AWS SMS ?

Answer 71

Server migration service is a service that allow you to migrate your on-premsise virtual machinces and turn them into AWS AMIs

Question 72

What is AWS DMS?

Answer 72

Database migration service allows you to migrate your on-premises databases (Relational and non-relational) to AWS and leverage tools like schema conversion to transition to RDS or Aurora
Note: Only works with a AWS endpoint

Question 73

What is AWS Application discovery service?

Answer 73

It is a service that allows to use Agentless (OVA file) or Agent-Based application discovery so that you can easily and quickly migrate applications to AWS

Question 74

What is AWS MGN?

Answer 74

AWS migration service is an automated lift and shift for migrating infrastructure to AWS by replicating source servers (VM’s, Physical, or cloud servers)

Question 75

What is AWS SCT?

Answer 75

Schema conversion tool allows you to convert database schemas

Question 76

What are the three types of data migration?

Answer 76

1. Full load
2. Full Load and Change data Capture (CDC): captures changes during migration
3. CDC only: Only replicates changes from the source database

Question 77

What is AWS Amplify?

Answer 77

Amplify offers tools for front-end web and mobile developer to build full-stack applications. It offers support for Vue, Angular, React and Server side rendering (SSR) with Next.js Provide two main tools Amplify Hosting and Amplify Studio

Question 78

What is AWS Pinpoint?

Answer 78

Pinpoint is a service that enables you to engage with your customers it is primarily used for marketing campaigns and communicating with your customers. It allows you to leverage machine learning models to predict engagement interactions

Question 79

What are the 3 main use cases for AWS Pinpoint?

Answer 79

1. Marketing
2. Transactions
3. Bulk communication to up to millions of people

Question 80

What is AWS Comprehend ?

Answer 80

It’s a service that uses natural language processing to understand the meaning behind text. Implement sentiment analysis, in and search product reviews, Manage legal briefs

Question 81

What is AWS Kendra?

Answer 81

A service that uses machine learning to build an intelligent search service using unstructured text (S3, File Server, Databases)

Question 82

What is AWS Textract?

Answer 82

A service that uses machine learning to extract text from handwriting, and other scanned documents

Question 83

What is AWS Forcast?

Answer 83

Amazon forecast is a time-series forecasting service that uses machine learning and is built to give you important business insights

Question 84

What is Amazon Fraud Detector?

Answer 84

It is a fraud detection machine learning model that is highly customized based on your data (Free trial abuse, High risk account)

Question 85

What is Amazon Transcribe?

Answer 85

A service for converting live video and speech into text

Question 86

What is Amazon Lex?

Answer 86

A service that provides conversational chat bot functionality

Question 87

What is Amazon Polly?

Answer 87

A service for converting speech to text

Question 88

What is Amazon rekognition?

Answer 88

It is a computer vision service that automates the recognition of pictures and videos using deep learning and neural network. (You can use these processes to understand and label what is in a picture or video) Face Detection, Content Moderation

Question 89

What is Amazon SageMaker?

Answer 89

It is a service where you create, train and deploy machine learning models in AWS

Question 90

What is one way to decrease your sage maker costs?

Answer 90

Elastic inference (EI)

Question 91

What is amazon translate?

Answer 91

Allows you to translate from one language to another using deep learning/neural networks.

Question 92

What is sage maker NEO?

Answer 92

It’s a service that allows you to optimize for a specific computer architecture

Question 93

What is Amazon Elastic Transcoder?

Answer 93

It allows businesses and developers to convert media files from their original source format into versions that are optimized for various devices

Question 94

What are amazon kinesis video streams?

Answer 94

It is a service that allows you to stream media content data from a large number of devices to AWS and then run analytics, machine learning, playback and other processing