Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

PQS's > AWS Certified Cloud Practitioner Exam > Flashcards

AWS Certified Cloud Practitioner Exam Flashcards

1
Q

What is Amazon EC2

A

Amazon Elastic Compute Cloud - a type of virtual server

Flexible, reliable, scalable (but you have to use a specific server type)

Serverless – you cannot see or access the underlying infrastructure

Amazon EC2: you pay for only the compute time that you use while your instances are running. For some workloads, you can significantly reduce Amazon EC2 costs by using Spot Instances. For example, suppose that you are running a batch processing job that is able to withstand interruptions. Using a Spot Instance would provide you with up to 90% cost savings while still meeting the availability requirements of your workload.
You can find additional cost savings for Amazon EC2 by considering Savings Plans and Reserved Instances.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Benefits of EC2?

A

no upfront costs, flexibility in scale, and you don’t have to wait to get started
Hypervisor = responsible for managing resources between virtual machines
Multitenancy: sharing underlying hardware between virtual machines
Vertical scaling: making instance bigger with more memory/storage, etc.
CaaS: Compute as a service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Identify the different Amazon EC2 instance types.

A

Instance Types -> under an instance Family
Family:
General Purpose – balanced resourced
Compute Optimized – compute intensive, gaming servers, high performance compute, scientific modeling
Memory Optimized – memory intensive tasks - workload that requires large amounts of data to be preloaded before running an application
Accelerated Computing – floating point number calculations, graphics processing, data pattern matching, utilize hardware accelerators
Storage Optimized – high performance for locally stored data. Designed for workloads that require high, sequential read and write access to large datasets on local storage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Differentiate between the various billing options for Amazon EC2.

A

On-demand – only pay for duration instance pays for
Savings plan – low prices for a commitment for 1 or 3 year term (72% potential savings over on-demand) – pick how much per hour you want to pay for, any above that is charged at on-demand pricing
Reserved instances – predictable usage and specify what instance type you need – 1 or 3 year team, full pay, partial or pay later (75% savings over on-demand)
Spot instances – spare AWS usage (90% off on-demand price) – AWS can claim instance at any time
Dedicated hosts – certain compliance requirements – you lease the entire host all by yourself – most expensive option

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Summarize the benefits of Amazon EC2 Auto Scaling.

A

You don’t have to worry about scaling your assets to demand every hour/day/year, overpay for underutilization or underpay and not be able to service clients at peak times
AWS Service that provides scaling for Amazon EC2 instances is Amazon EC2 Auto Scaling
Dynamic scaling – responds to changing demand
Predictive scaling – automatically schedules the right number of Amazon EC2 instances based on predicted demand

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is scaling up vs scaling out?

A

Scaling up – add more power to machines that are already running
Scaling out – adding more instances

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Summarize the benefits of Elastic Load Balancing.

A

Properly distribute traffic – high performance, cost-efficient, highly available, automatically scalable
Regional construct – instead of on the individual instances – this makes it highly available
ELB = single URL so you don’t have to manage many to many connections between ordering tier (front-end) and production tier (back end)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Summarize the differences between Amazon Simple Notification Service (Amazon SNS) and Amazon Simple Queue Service (Amazon SQS).

A

Messaging and queuing – an order buffer if the worker is still working on the previous request, this way the order is not lost
If components directly communicate with each other without a buffer, it’s called – tightly coupled architecture – this is also called a monolithic application
-if a single component fails, the entire system will fail or have issues
Loosely couple architecture – single failure won’t cause cascading failures – microservices approach

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is Amazon SQS

A

Simple Queue Service - send, store, receive messages between software components at any volume
Payload = data inside a message

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is a Amazon SQS queue

A

where messages are placed until they are processed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is Amazon SNS

A

delivery service:
-publish/subscribe model (pub/sub)
-create a Amazon SNS topic = a channel for messages to be delivered
-add subscribers to the topic
-publish 1 message to a topic, and it will be sent out to all the subscribers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is AWS Lambda?

A

– serverless – upload code into a lambda function, configure a trigger, service waits for trigger, function is then automatically run
–configured to run processes of < 15 minutes
–good for quick processing, or handling web requests, etc that are quick, less than 15 min to complete

AWS Lambda: you are charged based on the number of requests for your functions and the time that it takes for them to run. AWS Lambda allows 1 million free requests and up to 3.2 million seconds of compute time per month.
You can save on AWS Lambda costs by signing up for a Compute Savings Plan.
-Compute Savings Plan offers lower compute costs in exchange for committing to a consistent amount of usage over a 1-year or 3-year term. This is an example of paying less when you reserve.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is AWS ECS?

A

AWS Elastic Container Service - not serverless – run containerized applications at scale

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is AWS EKS?

A

AWS Elastic Kubernetes Service - not serverless – similar to ECS, differing tooling/features
–both can run on EC2
–both are container orchestration tools
–container = a Docker container, a package for your code – similar to how VMs work
Cluster = a group of containers across many instances
–container orchestration – monitoring and managing containers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is AWS Fargate

A

serverless compute service for ECS or EKS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Describe the basic concept of Availability Zones.

A

Regions are geographically isolated areas
Each AWS Region has multiple Availability Zones
Availability Zone (AZ) = AWS Data Center or groups of DCs
Best practice = run across at least 2 Availability Zones in a Region
Elastic Load Balancing = a region service = it runs across all Availability Zones in the region
Regionally scoped service = highly available since it spans all Availability Zones in the region

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Summarize the benefits of the AWS Global Infrastructure.

A

Compliance – You can block off data where it lives, for compliance purposes – like leaving Germany business data only in GE
Proximity – be close to your customers – lower latency
Feature Availability – sometimes closest region does not have all features you want
Pricing – some regions are more expensive than others, like gov’t taxes, fees, labor, etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Describe the benefits of Amazon CloudFront and edge locations.

A

CDN = content delivery network:
Amazon Cloudfront = Amazon’s CDN
-a network that delivers content to users based on their geographic region (like Edge locations).
Edge locations = run Amazon Cloudfront to get content closer to your customers and also Amazon Route 53 (Domain Name Service)
An edge location is a site that Amazon CloudFront uses to store cached copies of your content closer to your customers for faster delivery.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What are AWS Outposts?

A

install a mini-region inside of your own data center

Aws owned and managed physical resources in your physically owned building

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Compare different methods for provisioning AWS services.

A

In AWS, everything is an API
1. AWS management console: the admin dashboard where you control everything
2. AWS Command Line Interface (CLI): make API calls using the terminal on your machine
You can do everything via the CLI as you can do on the GUI of the AWS management console
3. AWS Software Development Kits (SDKs) – create AWS programs using various programming languages

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is AWS Elastic Beanstalk

A

-service that helps you provision EC2 instances – builds out your environment for you
-helps you focus on business application, not the infrastructure
-you provide code and configuration settings, and Elastic Beanstalk deploys the resources necessary to perform the following tasks:
Adjust capacity
Load balancing
Automatic scaling
Application health monitoring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is AWS CloudFormation

A

Infrastructure as code tool used to define a wide variety of AWS resources
-use JSON or YAML text-based documents, called “cloud formation templates”
-helps define what you want, without having specify how you want it built

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is Amazon VPC?

A

Amazon Virtual Private Cloud - provision a logically isolated section of the AWS cloud where they can be public facing or private
Cashiers interact with Customers, so we put cashiers into a public subnet
Baristas need to focus on working, so put baristas in a private subnet
VPC = basically your own private network within AWS – you can define your IP range for your AWS resources
-you place EC2 instances and ELBs inside your VPC
Subnets are chunks of IP addresses in your VPC that allow you to group resources together
In order to make your VPC public facing, you must attach an Internet Gateway (kinda like a door) to your VPC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is AWS Direct Connect

A

VPN and private route, direct fiber connection from your data center to AWS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
What is a VPC?
Virtual private cloud - virtual private gateway only allows traffic if they are coming from an approved network, not public traffic Virtual private gateways (create vpn connection between VPC and internal corporate network) and VPNs still use public traffic routes via the internet and are susceptible to slowdowns, etc.
25
Describe the difference between public and private networking resources.
Only reason to use subnets in a VPC (virtual private cloud) is to control access to the Internet Gateways (IGWs). Public subnets can access internet, private subnets cannot.
26
What is a Security Group
Each EC2 instance has Security Groups (like a doorman at a building – only checks entrants) – instance level security. All ports and everything incoming is automatically blocked by default. All traffic is allowed out.
27
What is a Network ACL?
Every packet that crosses the subnet boundaries gets checked by a Network Access Control List (like passport control - Can keep packets in, or out) - this checks if packet has permissions to enter/leave subnet based on who it was sent from and how it’s trying to communicate. Default of Network Access Control Lists = allow all incoming and outgoing packets
28
What is difference between Network ACL and Security Group?
Network ACL = Stateless – remembers nothing, checks every packet always Security Group = Stateful – has a memory, if it has the packet in its memory, it will automatically allow it w/o checking list
29
Explain a VPG
A virtual private gateway is the VPN endpoint on the Amazon side of your Site-to-Site VPN connection that can be attached to a single VPC. A virtual private gateway enables you to create a VPN connection between your VPC and a private network, such as your company’s data center. Although this connection is private and encrypted, it travels through the public internet, not through a dedicated connection. An example of a VPG = the VPC (virtual private cloud), if using VPN, since it is the AWS end-point
30
What is Amazon Route 53
Domain Name Service -Website names (www.amazon.com) into IP addresses (192.12.53.32.0) Routing policies: -Latency-based routing -Geolocation DNS – direct traffic based on where the traffic is located (to the closest region, etc., for example) -Geoproximity routing -Weighted round robin
31
What is Amazon CloudFront
serves Edge location – CDN – Content delivery Network
32
What is a VPN connection and VPN tunnel?
VPN connection: A secure connection between your on-premises equipment and your VPCs. VPN tunnel: An encrypted link where data can pass from the customer network to or from AWS.
33
What is AWS Direct Connect
VPN and private route, direct fiber connection from your data center to AWS
34
Describe the benefit of hybrid deployments
Allowing some traffic to access public – like public facing websites. But keeping sensitive data, like customer info, in a private subnet, to separate it and keep it hidden from public.
35
Describe the layers of security used in an IT strategy
Network hardening, application security, user identity, authentication and authorization, distributed denial of service prevention, data integrity, encryption
36
What are Instance Store Volumes
local storage on an AWS host – DO NOT SAVE IMPORTANT DATA TO DRIVES THAN COME WITH EC2 If you lose connection to your host, then you will lose your storage, because it’s likely that you will be sent to another host when your instance restarts.
37
What is Amazon EBS?
Amazon Elastic Block Store (EBS) – virtual hard drives, called EBS volumes -block storage = files are broken down into blocks, and only the changes to blocks are saved, not the entire file/object -not tied to the AWS host that your EC2 instance is running on -define Size, Type and Configurations -Volumes attach to EC2 instances – volumes DO NOT automatically scale to give more storage -need to be in same Availability Zone to attach EC2 instances Snapshots – incremental backups of your EBS data
38
What is Amazon S3?
Amazon Simple Storage Service = store and retrieve an unlimited amount of data -data stored as objects, stored in “buckets” File = object -> consists of data, metadata and a key File directory = bucket Max object size = 5 TB You can version objects to protect against accidental deletion You can set object level permissions and create multiple buckets
39
What are the storage classes of S3?
-Amazon S3 Standard = 11 “9’s” of durability = it has 99.999999999% durability, remain intact after 1 year -Amazon Static Website Hosting = collection of html files and web assets, enter bucket’s URL and it’s live -Amazon S3 Standard-Infrequent Access (S3 Standard-IA) = requires infrequent, but rapid access – long term storage, like backups -Amazon S3 Glacial Flexible Retrieval = this is good for audit files – infrequent and don’t need rapid access – few minutes to few hours. You can create vaults and lock the vaults. You can use WORM (write once/read many) to lock vault from future edits -Amazon S3 Glacier Deep Archive - objects that are stored can be retrieved within 12 hours. Amazon S3 Lifecycle Management = Move data automatically between tiers. -keep in Standard for 30 days, then move to Standard-IA for 60 days, then move to Glacial Flexible retrieval for 1 year, and delete
40
Explain Block vs Object storage
Block storage = breaks down files into blocks, and only re-uploads/saves the blocks that changed, not the entire object -good for video editing or micro-edits to large files Object storage = treats any file as a complete and discreet object. Any time there is a change to the object, the entire object must be re-uploaded/saved. There are no delta updates for objects. -good for complete objects or only occasional changes to objects
41
Explain benefits of Amazon EBS vs Amazon S3
Amazon Elastic Block Storage: -good for micro-edits to large files, since only the blocks changed will be updated and not the entire object/file -good for complex read-write-change functions Amazon Simple Storage Service: -web enabled, every object has its own url and can have permissions on it, regionally distributed (more durable), no need for backup strategies, cost savings vs EBS, serverless – no need for EC2 instances -good for complete objects or only occasional changes
42
What is Amazon EFS?
Amazon Elastic File System (Amazon EFS) -Compared to block storage and object storage, file storage is ideal for use cases in which a large number of services and resources need to access the same data at the same time. -is a scalable file system used with AWS Cloud services and on-premises resources. As you add and remove files, Amazon EFS grows and shrinks automatically. It can scale on demand to petabytes without disrupting applications. -managed file system -multiple instances can access the data in EFS at the same time -multiple instances reading and writing simultaneously -linux file system -Regional resource -automatically scales, unlike EBS
43
What DB types does AWS support?
-MySQL -PostgreSQL -Oracle -Microsoft SQL Server -MariaDB -Amazon Aurora
44
What is Amazon RDS?
Amazon Relational Database Service (Amazon RDS) automatically manages (managed service): -Automated patching -Backups -Redundancy -Failover -Disaster recovery
45
What is Amazon Aurora?
Amazon Aurora: most auto-managed RDS solution -comes in MySQL (5 times faster) or PostgreSQL (3 times faster) -1/10 the cost of commercial databases -data replication -up to 15 read replicas -continuous backup to Amazon S3 -Point in time backups -It replicates six copies of your data across three Availability Zones and continuously backs up your data to Amazon S3.
46
What is Amazon DynamoDB?
Amazon DynamoDB (serverless database and non-relational database): -create tables, create items in a table -items (elements) and attributes (describes items) -replicated across availability zones -it doesn’t use SQL to query since it’s non-relational -run queries on “keys” like from a dictionary datatype -millisecond response time -fully managed -highly scalable
47
What would you use Amazon RDS for vs Amazon DynamoDB?
Relational Database Service = business analytics, complex relational joins DynamoDB = anything else
48
What is Amazon Redshift?
Amazon Redshift (big data BI solutions with a single API call): -data warehousing service that you can use for big data analytics; query and analyze data across a data warehouse -ability to collect data from many sources and helps you to understand relationships and trends across your data
49
What are data warehouses?
Data Warehouses = historical analytics -data is now set, archived data
50
What is Amazon DMS?
Amazon Database Migration Service (Amazon DMS) -migrate existing on-prem database to AWS -source database remains fully operational during migration -downtime is minimized for aplpications that rely on that database -source/target databases don’t have to be of the same type -other use cases: dev/test database migrations, database consolidation, continuous replication
51
What is homogenous vs heterogeneous migration?
Homogenous databases: target to Amazon RDS or Amazon EC2 for X -MySQL -Microsoft SQL Server -Oracle -can be on-prem with one of above, or Amazon EC2 or Amazon RDS source Heterogeneous Migration: -AWS schema conversion tool (converts schema structures and database code) -then use DMS to do the rest
52
What is Amazon DocumentDB?
Amazon DocumentDB (with MongoDB compatibility) -content management, user profiles
53
What is Amazon Neptune?
Amazon Neptune (graph database, recommendation engines) You can use Amazon Neptune to build and run applications that work with highly connected datasets, such as recommendation engines, fraud detection, and knowledge graphs.
54
What is Amazon Managed Blockchain
Amazon Managed Blockchain (100% immutability, decentralized) a service that you can use to create and manage blockchain networks with open-source frameworks. Blockchain is a distributed ledger system that lets multiple parties run transactions and share data without a central authority.
55
What is Amazon Quantum Ledger Database
Amazon Quantum Ledger Database (Amazon QLDB) - 100% immutability, centralized -any entry can never be removed from the audit
56
What is Amazon ElastiCache
Amazon ElastiCache (caching for request, to improve read times from milli-seconds to micro-seconds) a service that adds caching layers on top of your databases to help improve the read times of common requests. It supports two types of data stores: Redis and Memcached.
57
What is Amazon DynamoDB Accelerator (DAX)
Amazon DynamoDB Accelerator (DAX) -improve read time for non-relational data, due to caching an in-memory cache for DynamoDB. It helps improve response times from single-digit milliseconds to microseconds.
58
What is the AWS Shared responsibility model?
Customers are responsible for the security of everything that they create and put in the AWS Cloud. AWS is responsible for security of the cloud.
59
What is an AWS Account Root User?
AWS Account Root Users: Has unlimited access to everything -multi-factor authentication recommended -don’t want to use
60
What permissions are the default for Amazon IAM?
Identity and Access Management: AWS Identity and Access Management (AWS IAM): -no permissions as default
61
What is an IAM Policy, IAM Group, and IAM Role?
IAM Policy: JSON document to describe which API calls a user can call IAM Groups: -like a role -manage access by telling which group has what access, like “cashiers”, “baristas”, etc. IAM Role: -associated permissions -assumed for temporary amounts of time -user/external resources/applications/other aws services assume a Role, which grants them temporary access -when assuming the role, it abandons all previous permissions and only has permissions of that role
62
What are AWS Organizations
AWS Organizations: a central location to manage multiple accounts -centralized management of all AWS accounts -consolidated billing -hierarchical groupings of accounts, group into OU (organizational units) -AWS service and API actions access control -Service Control Policies (SCPs) = which AWS service each individual member account and OU can access
63
What is AWS Artifact
a service that provides on-demand access to AWS security and compliance reports and select online agreements. AWS Artifact consists of two main sections: AWS Artifact Agreements and AWS Artifact Reports.
64
What are AWS Artifact Agreements
AWS Artifact Agreements: (agreement for HIPAA data, etc. on AWS) you can review, accept, and manage agreements for an individual account and for all your accounts in AWS Organizations. Different types of agreements are offered to address the needs of customers who are subject to specific regulations, such as the Health Insurance Portability and Accountability Act (HIPAA).
65
What are AWS Artifact Reports
AWS Artifact Reports: (provide SOC 2 and other compliance reports for auditors) provide compliance reports from third-party auditors. These auditors have tested and verified that AWS is compliant with a variety of global, regional, and industry-specific security standards and regulations. AWS Artifact Reports remains up to date with the latest reports released. You can provide the AWS audit artifacts to your auditors or regulators as evidence of AWS security controls.
66
What are some common types of attacks on AWS?
DDOS: A denial-of-service (DoS) attack is a deliberate attempt to make a website or application unavailable to users. UDP flood = example: weather data streaming massive data HTTP Level Requests: regular customer type requests – but do it really slow so others can’t access it
67
What is AWS Shield?
AWS Shield: a service that protects applications against DDoS attacks. AWS Shield provides two levels of protection: Standard and Advanced. AWS Shield Standard: automatically protects all AWS customers at no cost. It protects your AWS resources from the most common, frequently occurring types of DDoS attacks. As network traffic comes into your applications, AWS Shield Standard uses a variety of analysis techniques to detect malicious traffic in real time and automatically mitigates it. AWS Shield Advanced with WAF (Web application firewall): a paid service that provides detailed attack diagnostics and the ability to detect and mitigate sophisticated DDoS attacks. It also integrates with other services such as Amazon CloudFront, Amazon Route 53, and Elastic Load Balancing. Additionally, you can integrate AWS Shield with AWS WAF by writing custom rules to mitigate complex DDoS attacks.
68
What is AWS KMS
AWS Key Management Service (AWS KMS) enables you to perform encryption operations through the use of cryptographic keys. You can use AWS KMS to create, manage, and use cryptographic keys. You can also control the use of keys across a wide range of services and in your applications.With AWS KMS, you can choose the specific levels of access control that you need for your keys. For example, you can specify which IAM users and roles are able to manage keys. Alternatively, you can temporarily disable keys so that they are no longer in use by anyone. Your keys never leave AWS KMS, and you are always in control of them.
69
What is AWS WAF
AWS WAF is a web application firewall that lets you monitor network requests that come into your web applications. It works together with Amazon CloudFront and an Application Load Balancer. Recall the network access control lists that you learned about in an earlier module. AWS WAF works in a similar way to block or allow traffic. However, it does this by using a web access control list (ACL) to protect your AWS resources.
70
What is Amazon GuardDuty
Amazon GuardDuty is a service that provides intelligent threat detection for your AWS infrastructure and resources. It identifies threats by continuously monitoring the network activity and account behavior within your AWS environment.
70
What is Amazon Inspector
Amazon Inspector helps to improve the security and compliance of applications by running automated security assessments. It checks applications for security vulnerabilities and deviations from security best practices, such as open access to Amazon EC2 instances and installations of vulnerable software versions.
71
What is Amazon CloudWatch
Amazon CloudWatch: a real-time web service that enables you to monitor and manage various metrics and configure alarm actions based on data from those metrics. CloudWatch uses metrics to represent the data points for your resources. AWS services send metrics to CloudWatch. CloudWatch then uses these metrics to create graphs automatically that show how performance has changed over time.
72
What is Amazon CloudWatch Alarm
With Amazon CloudWatch Alarm, you can create alarms that automatically perform actions if the value of your metric has gone above or below a predefined threshold.
73
What is the Amazon CloudWatch Dashboard
Amazon CloudWatch Dashboard = show all metrics in near real-time -all metrics from central location -reduce mean time to resolution (MTTR) and improve total cost of ownership (TCO)
74
What is AWS CloudTrail
AWS CloudTrail: API auditing tool - you can view a complete history of user activity and API calls for your applications and resources. It records all API calls for your account. The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, and more. You can think of CloudTrail as a “trail” of breadcrumbs (or a log of actions) that someone has left behind them.
75
What is AWS CloudTrail Insights
AWS CloudTrail Insights: This optional feature allows CloudTrail to automatically detect unusual API activities in your AWS account.
76
What is AWS Trusted Advisor
AWS Trusted Advisor: is a web service that inspects your AWS environment and provides real-time recommendations in accordance with AWS best practices. It checks 5 pillars: * Cost Optimization * Performance * Security * Fault Tolerance * Service Limits
77
What 5 pillars does AWS Trust Advisor check against?
It checks 5 pillars: * Cost Optimization * Performance * Security * Fault Tolerance * Service Limits
78
What are the different AWS Free Tiers?
Always Free - These offers do not expire and are available to all AWS customers. For example, AWS Lambda allows 1 million free requests and up to 3.2 million seconds of compute time per month. Amazon DynamoDB allows 25 GB of free storage per month. 12 Months Free - These offers are free for 12 months following your initial sign-up date to AWS. Examples include specific amounts of Amazon S3 Standard Storage, thresholds for monthly hours of Amazon EC2 compute time, and amounts of Amazon CloudFront data transfer out. Trials - Short-term free trial offers start from the date you activate a particular service. The length of each trial might vary by number of days or the amount of usage in the service. For example, Amazon Inspector offers a 90-day free trial. Amazon Lightsail (a service that enables you to run virtual private servers) offers 750 free hours of usage over a 30-day period.
79
What does these concepts mean: Pay for what you use Pay less when you reserve Pay less with volume-based discounts when you use more
Pay for what you use: For each service, you pay for exactly the amount of resources that you actually use, without requiring long-term contracts or complex licensing. Pay less when you reserve: Some services offer reservation options that provide a significant discount compared to On-Demand Instance pricing. For example, suppose that your company is using Amazon EC2 instances for a workload that needs to run continuously. You might choose to run this workload on Amazon EC2 Instance Savings Plans, because the plan allows you to save up to 72% over the equivalent On-Demand Instance capacity. Pay less with volume-based discounts when you use more: Some services offer tiered pricing, so the per-unit cost is incrementally lower with increased usage. For example, the more Amazon S3 storage space you use, the less you pay for it per GB.
80
What is AWS Pricing Calculator
AWS Pricing Calculator lets you explore AWS services and create an estimate for the cost of your use cases on AWS.
81
What are some of the cost components of Amazon S3?
Storage - You pay for only the storage that you use. You are charged the rate to store objects in your Amazon S3 buckets based on your objects’ sizes, storage classes, and how long you have stored each object during the month. Requests and data retrievals - You pay for requests made to your Amazon S3 objects and buckets. For example, suppose that you are storing photo files in Amazon S3 buckets and hosting them on a website. Every time a visitor requests the website that includes these photo files, this counts towards requests you must pay for. Data transfer - There is no cost to transfer data between different Amazon S3 buckets or from Amazon S3 to other services within the same AWS Region. However, you pay for data that you transfer into and out of Amazon S3, with a few exceptions. There is no cost for data transferred into Amazon S3 from the internet or out to Amazon CloudFront. There is also no cost for data transferred out to an Amazon EC2 instance in the same AWS Region as the Amazon S3 bucket. Management and replication - You pay for the storage management features that you have enabled on your account’s Amazon S3 buckets. These features include Amazon S3 inventory, analytics, and object tagging.
82
What is AWS Billing & Cost Management dashboard
pay your AWS bill, monitor your usage, and analyze and control your costs. Compare your current month-to-date balance with the previous month, and get a forecast of the next month based on current usage. * View month-to-date spend by service. * View Free Tier usage by service. * Access Cost Explorer and create budgets. * Purchase and manage Savings Plans. * Publish AWS Cost and Usage Reports.
83
What is Consolidated billing and benefit of it?
The consolidated billing feature of AWS Organizations enables you to receive a single bill for all AWS accounts in your organization. By consolidating, you can easily track the combined costs of all the linked accounts in your organization. The default maximum number of accounts allowed for an organization is 4, but you can contact AWS Support to increase your quota, if needed. Another benefit of consolidated billing is the ability to share bulk discount pricing, Savings Plans, and Reserved Instances across the accounts in your organization * simplifies billing process * share savings across accounts * free feature
84
What are AWS Budgets
you can create budgets to plan your service usage, service costs, and instance reservations. The information in AWS Budgets updates three times a day. This helps you to accurately determine how close your usage is to your budgeted amounts or to the AWS Free Tier limits. In AWS Budgets, you can also set custom alerts when your usage exceeds (or is forecasted to exceed) the budgeted amount.
85
What is AWS Cost Explorer
is a tool that lets you visualize, understand, and manage your AWS costs and usage over time. AWS Cost Explorer includes a default report of the costs and usage for your top five cost-accruing AWS services. You can apply custom filters and groups to analyze your data. For example, you can view resource usage at the hourly level.
86
What are the different AWS Support Plans
AWS Support Plans: AWS offers four different Support plans: * Basic * Developer * Business * Enterprise On-Ramp * Enterprise
87
What are features of Basic Support?
* 24/7 customer service * Documentation * Whitepapers * Support forums * AWS trusted advisor * AWS personal health dashboard
88
What are features of Developer Support?
Basic: * 24/7 customer service * Documentation * Whitepapers * Support forums * AWS trusted advisor * AWS personal health dashboard Developer * All of basic support * Plus email access to customer support (24 hr response time / 12 hrs if systems impaired)
89
What are features of Business Support:
Basic: * 24/7 customer service * Documentation * Whitepapers * Support forums * AWS trusted advisor * AWS personal health dashboard Developer * Plus email access to customer support (24 hr response time / 12 hrs if systems impaired) Business: * All basic/developer support * AWS Trust advisor provides full set of best practice checks * Direct phone access to cloud support engineers (4 hr response if system impaired / 1hr response if system down) * Infrastructure event management (for an extra fee)
90
What are features of Enterprise On-Ramp Support:
Basic Support: * 24/7 customer service * Documentation * Whitepapers * Support forums * AWS trusted advisor * AWS personal health dashboard Developer Support: * Plus email access to customer support (24 hr response time / 12 hrs if systems impaired) Business Support: * AWS Trust advisor provides full set of best practice checks * Direct phone access to cloud support engineers (4 hr response if system impaired / 1hr response if system down) * Infrastructure event management (for an extra fee) Enterprise On-Ramp Support: * All basic/developer/business support * 30 minute response time for business critical workloads * Access to a pool of Technical Account Managers (TAMs) * A Cost Optimization workshop (one per year)
91
What are features of Enterprise Support:
Basic Support: * 24/7 customer service * Documentation * Whitepapers * Support forums * AWS trusted advisor * AWS personal health dashboard Developer Support: * All of basic support * Plus email access to customer support (24 hr response time / 12 hrs if systems impaired) Business Support: * All basic/developer support * AWS Trust advisor provides full set of best practice checks * Direct phone access to cloud support engineers (4 hr response if system impaired / 1hr response if system down) * Infrastructure event management (for an extra fee) Enterprise On-Ramp Support: * All basic/developer/business support * 30 minute response time for business critical workloads * Access to a pool of Technical Account Managers (TAMs) * A Cost Optimization workshop (one per year) Enterprise Support: * All basic/developer/business support * 15 minute response time for business critical workloads * Designated Technical Account Manager (TAM) – proactively assist with you account/optimization
92
What is a TAM
TAMs: provide expert engineering guidance, help you design solutions that efficiently integrate AWS services, assist with cost-effective and resilient architectures, and provide direct access to AWS programs and a broad community of experts.
93
What are 6 pillars of Well-Architected Framework:
6 pillars of Well-Architected Framework: -Operational Excellence: running and monitoring systems -Security: data integrity, encryption -Reliability: recovery planning, handle change to meet customer demand -Performance Efficiency: IT and computing resources efficiently, using the right type of efficient service -Cost Optimization: optimize which service is needed and downgrade to lowest cost service required -Sustainability: minimizing environmental impact by reducing energy consumption
94
What is AWS Marketplace
AWS Marketplace: is a digital catalog that includes thousands of software listings from independent software vendors. You can use AWS Marketplace to find, test, and buy software that runs on AWS. * Custom terms and pricing * A private marketplace * Integration into your procurement systems * Cost management tools
95
What is AWS CAF
AWS Cloud Adoption Framework (AWS CAF): organizes guidance into six areas of focus, called Perspectives. Each Perspective addresses distinct responsibilities.
96
What are each of the perspectives of the AWS CAF?
AWS Cloud Adoption Framework Business capabilities: Business Perspective: ensures that IT aligns with business needs and that IT investments link to key business results. -Business managers, Budget Owners, Finance manager People Perspective: supports development of an organization-wide change management strategy for successful cloud adoption. -HR, staffing Governance Perspective: focuses on the skills and processes to align IT strategy with business strategy. This ensures that you maximize the business value and minimize risks. -CIO, program managers, Business analysts, Portfolio managers Technical capabilities: Platform Perspective: includes principles and patterns for implementing new solutions on the cloud, and migrating on-premises workloads to the cloud. -Chief Technology Officer (CTO), IT managers, Solutions architects Security Perspective: ensures that the organization meets security objectives for visibility, auditability, control, and agility. -Chief Information Security Officer (CISO), IT security managers, IT security analysts Operations Perspective: helps you to enable, run, use, operate, and recover IT workloads to the level agreed upon with your business stakeholders. -IT operations managers, IT support managers
97
What are the 6 strategies for Migration
6 "R's" Rehosting: “lift and shift” – install apps on AWS and start running them there Replatforming: “lift, ticker and shift” – make a few cloud optimizations, but no new code Refactoring/re-architecting: start from square 1 – write new code – add features possible in cloud, but not on-prem Repurchasing: move from a traditional license to a SaaS model, e.g. contracting with new CRM software vendor These 2 options don’t end up on AWS: Retaining: about to be decrepitated, or critical in nature or might need significant refactoring before migration, so maintain legacy environment until shutdown in near future, or able to migrate successfully Retiring: some parts of apps or full apps are no longer being used
98
What is the AWS Snow family?
A way to Transfer data to AWS via physical means – i.e. not over the internet
99
What are AWS Snowcone, Snowball, and Snowmobile?
AWS Snowcone is a small, rugged, and secure edge computing and data transfer device. It features 2 CPUs, 4 GB of memory, and up to 14 TB of usable storage. AWS Snowball offers two types of devices: * Snowball Edge Storage Optimized devices are well suited for large-scale data migrations and recurring transfer workflows, in addition to local computing with higher capacity needs. o Storage: 80 TB of hard disk drive (HDD) capacity for block volumes and Amazon S3 compatible object storage, and 1 TB of SATA solid state drive (SSD) for block volumes. o Compute: 40 vCPUs, and 80 GiB of memory to support Amazon EC2 sbe1 instances (equivalent to C5). * Snowball Edge Compute Optimized provides powerful computing resources for use cases such as machine learning, full motion video analysis, analytics, and local computing stacks. o Storage: 80-TB usable HDD capacity for Amazon S3 compatible object storage or Amazon EBS compatible block volumes and 28 TB of usable NVMe SSD capacity for Amazon EBS compatible block volumes. o Compute: 104 vCPUs, 416 GiB of memory, and an optional NVIDIA Tesla V100 GPU. Devices run Amazon EC2 sbe-c and sbe-g instances, which are equivalent to C5, M5a, G3, and P3 instances. AWS Snowmobile is an exabyte-scale data transfer service used to move large amounts of data to AWS. You can transfer up to 100 petabytes of data per Snowmobile, a 45-foot long ruggedized shipping container, pulled by a semi trailer truck.
100
What is Amazon SageMaker
Amazon SageMaker: quickly train, build, deploy AI/ML models at scale, or build custom models
101
What is Amazon A2I
Amazon Augmented AI (Amazon A2I): build machine learning platform that anyone can build on
102
What is Amazon Lex
Amazon Lex: ready to go solution – the heart of Alexa – to build conversational interfaces using voice and text
103
What is Amazon Textract
Amazon Textract: Extracting text and data from documents to make them more usable for enterprise
104
What is AWS DeepRacer
AWS DeepRacer: experiment with re-enforcement machine learning
105
What is AWS Ground Station
AWS Ground Station: rent satellite time
106
What are the benefits of using AWS Cloud?
Benefits of AWS Cloud: o Trade upfront expense for variable expense. o Benefit from massive economies of scale. o Stop guessing capacity. o Increase speed and agility. o Stop spending money running and maintaining data centers. o Go global in minutes.
107
What is AWS CodeCommit
AWS CodeCommit is a source code version control service. CodeCommit helps users store and manage developers' source code in AWS.
108
What is Amazon Comprehend
Amazon Comprehend is a natural language processing (NLP) service that uses machine learning to find insights and relationships in text. Amazon Comprehend does not translate text.
109
What is Amazon Polly
Amazon Polly is a machine learning service that converts text to speech. This service provides the ability to read text out loud.
110
What is Amazon Connect
Amazon Connect is an omnichannel cloud contact center that helps you provide superior customer service at a lower cost. Amazon Connect provides a seamless experience across voice and chat for your customers and agents.
111
What is Amazon Macie
Amazon Macie is a data security service that uses machine learning (ML) and pattern matching to discover and help protect your sensitive data.
112
What is Amazon Inspector
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on Amazon EC2 instances
113
What is Amazon Secrets Manager
Amazon Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources
114
What is AWS Global Accelerator
AWS Global Accelerator is a networking service that improves the performance of your users’ network traffic by up to 60%. Global Accelerator uses the AWS global network infrastructure.
115
Which credential components are required to gain programmatic access to an AWS account?
An Access Key ID and a Secret Access Key
116
How does AWS charge for AWS Lambda usage once the free tier has been exceeded
-by the number of requests made for a given Lambda function, and the time it takes for the Lambda function to run
117
What is AWS MGN
AWS Application Migration Service - AWS MGN is an automated lift-and-shift solution. This solution can migrate physical servers and any databases or applications that run on them to EC2 instances in AWS.

PQS's (3 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions