AWS Cloud Practitioner Flashcards
You have a mission-critical application which must be globally available at all times. If this is the case, which of the below deployment mechanisms would you employ
Deployment to Multiple Regions
Regions represent different geographic locations and is bets to host your application across multiple regions for disaster recovery
Which AWS Services can be used to protect against DDoS attacks?
AWS Shield
AWS Shield Advanced
AWS Shield - All AWS customers benefit from the automatic protections of AWS Shield Standard, at no additional charge. AWS Shield Standard defends against most common, frequently occurring network and transport layer DDoS attacks that target your web site or applications
AWS Shield Advanced - For higher levels of protection against attacks targeting your web applications running on Amazon EC2, Elastic Load Balancing (ELB), CloudFront, and Route-53 resources, you can subscribe to AWS Shield Advanced. AWS Shield Advanced provides expanded DDoS attack protection for these resources.
Which are right principles when designing cloud based systems.?
Build loosely-coupled components
Assume everything will fail
Always build components which are loosely coupled. This is so that even if one component does fail, the entire system does not fail.
Also if you build with the assumption that everything will fail, then you will ensure that the right measures are taken to build a highly available and fault tolerant system.
A company does not want to manage their database. Which is a fully managed NoSQL database provided by AWS.
DynamoDB
DynamoDB is a fully managed NoSQL database offering provided by AWS. It is now available in most regions for users to consume.
Which AWS service allows for distribution of incoming application traffic across multiple EC2 instances?
AWS ELB
Elastic Load Balancing distributes incoming application traffic across multiple EC2 instances, in multiple Availability Zones. This increases the fault tolerance of your applications.
Which concept is used when you want to manage the bills for multiple accounts under one master account
Consolidating billing
You can use the consolidated billing feature in AWS Organizations to consolidate payment for multiple AWS accounts or multiple AISPL accounts. With consolidated billing, you can see a combined view of AWS charges incurred by all of your accounts. You also can get a cost report for each member account that is associated with your master account. Consolidated billing is offered at no additional charge
Which of the following is the amount of storage that can be stored in the Simple Storage service?
Virtually unlimited storage
Amazon S3 provides a simple web service interface that you can use to store and retrieve any amount of data, at any time, from anywhere on the web. The total volume of data and the number of objects you can store are unlimited. Individual Amazon S3 objects can range in size from a minimum of 0 bytes to a maximum of 5 terabytes.
What service from AWS can help manage the costs for all resources in AWS?
Cost Explorer
Cost Explorer is a free tool that you can use to view your costs. You can view your costs as either a cash-based view (costs are recorded when cash is received or paid) with unblended costs or as an accrual-based view (costs are recorded when income is earned or costs are incurred). You can view data for up to the last 13 months, forecast how much you are likely to spend for the next three months, and get recommendations for what Reserved Instances to purchase
What is the service provided by AWS that lets you host Domain Name systems?
Route 53
Amazon Route 53 provides highly available and scalable Domain Name System (DNS), domain name registration, and health-checking web services. It is designed to give developers and businesses an extremely reliable and cost effective way to route end users to Internet applications by translating names like-example.com-into the numeric IP addresses, such as-192.0.2.1, that computers use to connect to each other.-
What service helps you to aggregate logs from your EC2 instance?
Cloudwatch Logs
You can use Amazon CloudWatch Logs to monitor, store, and access your log files from Amazon Elastic Compute Cloud (Amazon EC2) instances, AWS CloudTrail, and other sources. You can then retrieve the associated log data from CloudWatch Logs
Which is a serverless compute offering from AWS?
AWS Lambda
What does Amazon EC2 provide?
Virtual servers in the Cloud.
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides re-sizeable compute capacity in the cloud. It is designed to make web-scale-cloud computing-easier for developers.
Amazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazon’s proven computing environment. Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change.
Which storage mechanisms can be used to store messages effectively which can be used across distributed systems.
Amazon SQS
Amazon Simple Queue Service (Amazon SQS) offers a reliable, highly-scalable hosted queue for storing messages as they travel between applications or microservices. It moves data between distributed application components and helps you decouple these components
When working on the costing for on-demand EC2 instances , which are attributes which determine the costing of the EC2 Instance.
AMI Type
Instance Type
Region
If you see the below snapshot from the EC2 on-demand pricing page, you can see the different components that make up the pricing
https://aws.amazon.com/ec2/pricing/on-demand/
Which services helps provide a connection from on-premises infrastructure to resources hosted in the AWS Cloud.
AWS VPN
AWS Direct Connect
In order to predict the cost of moving resources from on-premise to the cloud , what can be used?
AWS TCO
The AWS TCO calculator makes it easy to estimate your savings when comparing the cloud to an on-premises or colocation environment. Use the TCO calculator to get detailed reports and insights into the cost components that make AWS a viable alternative to lower your costs.
There is a requirement hosting a set of servers in the Cloud for a short period of 3 months. Which of the following types of instances should be chosen to be the most cost effective.
On-Demand
Since the requirement is just for 3 months, then the most cost effective option is to use On-Demand Instances.
What is a document that provides a formal statement of one or more permissions?
Policy
A policy is a JSON document that specifies what a user can do on AWS. This document consists of
Actions: what actions you will allow. Each AWS service has its own set of actions. Resources: which resources you allow the action on. Effect: what the effect will be when the user requests access—either allow or deny.
A policy is an entity in AWS that, when attached to an identity or resource, defines their permissions. AWS evaluates these policies when a principal, such as a user, makes a request. Permissions in the policies determine whether the request is allowed or denied
You are planning to serve a web application on the AWS Platform by using EC2 Instances. Which of the below principles would you adopt to ensure that even if some of the EC2 Instances crashes , you still have a working application
Using a fault-tolerant system
A fault-tolerant system is one that ensures that the entire system works as expected even there are issues.
Which of the following security features is associated with a Subnet in a VPC to protect against Incoming traffic requests.
NACL
A-network access control list (ACL)-is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC.
AWS provides a storage option known as Amazon Glacier. What is this AWS service designed for?
Infrequently accessed data
Data archives
Amazon Glacier is an extremely low-cost storage service that provides secure, durable, and flexible storage for data backup and archival. So Amazon glacier is used for Infrequently accessed data and Data archives.
What is the concept of an AWS region?
It is a geographical area divided into Availability Zones
A region is a geographical area divided into Availability Zones. Each region contains at least two Availability Zones.
Which one of the following features is normally present in all of AWS Support plans
24*7 access to Customer Service
Which of the following is AWS services allows you to build a data warehouse on the cloud?
AWS Redshift
Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the cloud. You can start with just a few hundred gigabytes of data and scale to a petabyte or more. This enables you to use your data to acquire new insights for your business and customers.
Which of the following IAM identities allow an application deployed on an EC2 instance to write data to S3 in a secure manner
AWS IAM Roles
An IAM role is similar to a user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it including assigning it to an EC2 instance.
When using On-Demand instances in AWS, which of the following is a false statement when it comes to the costing for the Instance.
- You pay for much you use.
- You have to pay the termination fees if you terminate the instance
- You are charged per second based on the hourly rate
- You pay no upfront costs for the instance
You have to pay the termination fees if you terminate the instance
You don’t need to pay any termination fees when it comes to Ec2 Instances