AWS Fundamentals Flashcards
1
Q
What is the cloud?
A
The cloud is a bunch of interconnected computers that perform computational tasks and handle/respond to requests.
2
Q
What are the 7 computing services delivered by the cloud?
A
- Compute
- Storage
- Development
- Databases
- Networking
- Analytics
- Security
3
Q
What is virtualization?
A
Virtualization is the dividing up of physical resources on a single computer into small units call virtual machines
4
Q
How is usage/billing determined In AWS ?
A
- On demand
- Pay as you go
5
Q
What are the 6 advantages to cloud computing?
A
- Global access
- No more maintaining hardware
- Economies of scale
- Increase speed and agility
- Capacity Efficiency
- Convert capital expenditure to variable expense
6
Q
What are the 4 benefits to cloud computing?
A
- High Availability
- Agility
- Elasticity
- Durability
7
Q
What is high Availabilty?
A
Very fault tolerent systems that are designed to run continously and respond quickly.
8
Q
What is Elasticity?
A
The ability to scale capacity to meet demand
9
Q
What is Agility?
A
The ability to innovate/iterate fast and increase speed to market.
10
Q
What is Durability?
A
The guarante that data can be stored long term with out loss or corruption
11
Q
What is the private cloud ?
A
The private cloud is on premises cloud deployment
12
Q
What is the public cloud?
A
The public cloud is fully managed servers that are not on premises and are available through the internet
13
Q
What is the hybrid cloud?
A
The hybrid cloud is the combination of a private cloud installation and a public cloud deployment
14
Q
What is the relationship between Regions, Availability Zones and Data Centers ?
A
Regions have multiple availbility zones within them and availbility zones have multiple data centers.
15
Q
What is a edge location ?
A
Edge locations are small data centers that cache content to reduce latency
16
Q
Who is automatically given the role of root user?
A
The root user role is automatically assined to the user that created the account
17
Q
What are the 4 ways to access AWS services ?
A
- AWS Console
- CLI Command line interface
- Application Code
- Software development kits
18
Q
What is a EC2?
A
Elastic Compute Cloud
A Virtual server service
19
Q
What is a Lamda?
A
Lamda is serverless compute service that lets you running code without managing servers.
20
Q
What are possible uses for lambda ?
A
- Real-time file processing
- Sending email notifications
- Backend business logic
21
Q
What are some lambda features ?
A
- supports popular programming languages
- you author code using your favorite development environment or via the console
- lambda can execute your code in response to events
- lambda functions have a 15 minute timeout
22
Q
What is the lambda pricing model?
A
You are charged based on duration and number of requests
23
Q
What is counted as a lambda request?
A
Every time a lambda starts execution also including test invokes
24
Q
What is the always free lambda model ?
A
The free tier includes 1 million free requests each month
25
What is the Fargate service?
The Fargate service is a serverless compute engine for containers.
26
What is the lightsail service?
The light sail service allows you to quickly launch all the resources you need to launch a small project
27
What is the outposts service?
Outposts allows you to run cloud services in your internal data center
28
What is the Batch service?
The batch service allows you to process large workloads in smaller chuncks
29
What is the S3 Service?
Simple Storage Service is an object storage service for the cloud that is highly available.
30
What are the two foundational components of S3 storage?
1. Buckets
2. Objects
31
At what levels can you set security levels for S3 buckets using ACLs (Access Control Lists)
1. At the bucket level
2. At the object level
32
What does S3 versioning enable you to do ?
Protect your files against accidental deletion and create fallbacks
33
What are the 2 aspects of data accessibility metrics are used to compare S3 classes ?
1. Durability (data is resistant to loss or corruption)
2. Availability (how quickly you can access your data (latency))
34
What are the 7 S3 classes ?
1. S3 standard
2 S3 Intelligent Tiering
3 S3 standard infrequent access
4. One Zone-Infrequent access
5. S3 Glacier
6. S3 Glacier Deep Archive
7. S3 Outposts
35
What are some real world uses for S3 services
1. Static websites
2. Data archive
3. Analytics
4. Mobile Applications
36
What is the policy for S3 regions and namespaces ?
S3 is a regional service with a global namespace
37
What are the 4 main storage solutions available in AWS
1. Instance storage
2. S3 bucket, object storage
3. EBS Elastic Block Storage
4. EFS Elastic File system storage
38
What is AWS EBS?
Elastic block storage device (volume) is persistent storage that can grow and shrink.
39
What are the characteristics of Elastic Block Storage?
1. Is persistent
2. Can be attached / Detached from an instance
3. Is tied to one availability zone
4 Recommended for quick accessibility, running a database, and longterm storage.
40
What is AWS EFS?
Elastic file system is a serverless network file system for sharing files.
41
What are the characteristics for elastic file system ?
1. Can be connected to multiple instances at a time
2. Only supports the linux file system
3. Access across different availability zones in the same region
4. More expensive than EBS
42
What is EC2 instance store ?
EC2 instance store is volatile storage that is physically attached to your virtual server. It is very fast and is useful for temporary data storage.
43
What is the storage gateway service ?
A service that allow a customer to connect on-premises and cloud data
44
What is AWS Backup ?
AWS Backup helps you manage data backups across multiple AWS services. Frequency and Retention.
EC2, EBS, EFS
45
What are the 3 main Content Delivery Services
1. Cloud Front
2. Global Accelerator
3. S3 Transfer Acceleration
46
What is AWS CloudFront ?
CloudFront is a content delivery network that lowers latency using amazon edge locations.
1. Makes content available globally
2. Allows you to restrict by location Geo-restriction
3. Prevents Attacks DDos Protection
4. Allows for IP address blocking
47
What is AWS Global Accelerator?
A service that sends you user through the AWS global network when accessing content to improve latency and availability.
1. 60% boost
2. Automatically re-route traffic too healthy available regional endpoints
48
What is AWS S3 transfer acceleration ?
A service that improves content uploads and downloads to and from S3 buckets.
48
What is AWS S3 transfer acceleration?
A service that improves content uploads and downloads to and from S3 buckets.
1. Fast transfer of files over long distances
2. Uses cloudfront
3. Customers around the world can upload to a central bucket
49
What is AWS Route 53?
A service that offers scalable DNS registration and application routing with service health check features.
50
What is AWS VPC?
Virtual Private Cloud is a service that allows a user to set up a secure private network in the cloud with subnetting features where you launch your resources.
51
What is AWS Direct Connect?
A service that offers a dedicated physical network connection from a on-premises data center to AWS
52
What is AWS VPN?
A site to site VPN creates a secure connection between your internal networks and your AWS VPC's
53
What is AWS API Gateway?
A service that allows you to build and manage API's
54
What is AWS RDS?
RDS is the Relational Database Service for deploying popular database engines such as Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and SQL Server. Supports multiple availability zones, Manages automatic software patching, automated backups, operating system maintenance, and more.
55
What is AWS Aurora?
Aurora is a relational database service compatible with PostgreSQL and MySQL That is faster than MySQL and PostgreSQL, scales automatically and is managed by RDS
56
What is Dynamo DB?
Dynamo DB is a Nosql database service that implements a key value database, It is fully managed and serveless, scales automatically to massive workloads with fast perfomance.
57
What is DocumentDB?
DocumentDB is a document database service, it is fully managed and serverless and is compatible with mongoDB.
58
What is the AWS Service that offers fully managed in-memory datastore compatible with Redis and Memcached, that offers high perfomance and low latency, with the downside that data can be lost?
Amazon ElasticCache
59
What is Amazon Neptune?
Is a fast and reliable fully managed and serverless graph database that supports highly connected datasets
60
What is Amazon DMS?
DMS is the amazon database migration service
1. on-premises databases to AWS
2. Continuous data replication
3. Virtually no downtime
61
What is Amazon SMS
SMS is the amazon server migration service that allows you to migrate on-premises servers to AWS
62
What are the members of the Amazon snow family?
The snow family allows you to transfer large amounts of on-premises data to AWS using a physical device.
1. The snow cone - 8 Terabytes of data
2. The snow ball and snow edge - Petabyte scale data supports EC2 and lambda
3. The snow mobile - Multi Petabyta or Exabyte scale data
63
What is the service that allows for online data transfer from on premises to AWS S3 or EFS?
Amazon DataSync
64
What is Amazon Redshift?
Amazon redshift is a data warehousing solution. Data consolidation that handles exabyte-scale data
65
What is Amazon Athena?
Amazon Athena is a query service for Amazon S3 for using Sql to query S3, Pay per query
66
What is Amazon Glue?
Amazon glue prepares your data for analytics ETL extract, transform and load. Helps to better your data.
66
What is Amazon Kinesis?
Amazon Kinesis all you to analyze data streams in real time, video, audio, application logs, website clickstreams and IOT.
67
What is Amazon EMR
Amazon EMR is elastic map reduce which helps process large amounts of data.
68
What is the amazon service that helps you move data between compute and storage services running either on premises or on AWS ?
Amazon data pipeline
69
What is the amazon service that helps you visualize your data?
Amazon quicksight
70
What is the cloud service that allows you to automate you image and video analysis, including face and text detection?
Amazon Rekognition
71
What is Amazon comprehend ?
AWS Comprehend is a natural-language processing NLP service that finds relationships in text, Uncovers insights and relationships
72
What is the Amazon service that turns text into speech?
Amazon Polly
73
What is Amazon SageMaker?
Amazon Sage maker is service for building, training and deploying machine learning models quickly
74
What is the amazon service that provides language translation ?
Amazon Translate
75
What is Amazon Lex?
Lex helps you build conversational interfaces like chatbots.
76
What is Amazon cloud 9?
Amazon Cloud9 is a inbrowser IDE for writing and debugging code on the amazon console
77
What is the amazon service that offers a source control system for git repositories ?
Code Commit
78
What does code build allow you to do?
Code build allows you to build and test your application source code, Enables continuous integration, produces build artifacts ready to be deployed
79
What does code deploy do ?
Code deploy manages the deployment of code to compute services in the cloud or on-premises
80
What is amazon codePipline?
It is a service that automates the software release process. It integrates with CodeCommit, CodeBuild and CodeDeploy to build artifacts, run tests and deploy new software.
81
What is the amazon service that helps you debug applications and what else does it do?
Amazon X-Ray. Analyze and debug, map application components, view requests.
82
What does Amazon code star do ?
CodeStar helps developers collaboratively work on development projects, Connects development environments, intergrates with CodeCommit, CodeBuild and CodeDeploy. Contains issue tracking dashboard
83
What is cloudformation ?
Cloud formation is an infrastructure as code (IAC) service that allows you to provision AWS resources with code
84
What is the AWS orchestration service that allows you to deploy your web applications by orchestrating various AWS services including EC2, S3, Simple notification service?
AWS Elastic Beanstalk
85
What is AWS opsWorks?
AWS opsWorks is a service that helps you use Chef or Puppet to automate the configuration of your servers and deploy code.
86
What is AWS SQS?
SQS is the simple queue service which is a FIFO queue that allows you to build loosely coupled systems.
87
What is AWS SNS?
SNS is the simple notification service. It is a topic subscriber service that allows you to send text messages and simple emails
88
What is AWS SES?
the Simple Email Sevice is a service that allows you to send richly formated HTML emails from your applications.
89
What is CloudWatch?
CloudWatch is a collection of services that help you monitor and observe your cloud resources.
90
What are the five main features that cloudWatch services offers?
1. Detect Anomalies
2. Alarms
3. Logs
4. Metrics
5. Events
91
What is CloudTrail and what does it help you do?
A service that tracks user activity and API calls with your account. Log and retain account activity. Tack Console, SDKs and CLI. Identify which user made changes. Detect unusual activity.
92
What are the identity properties that you can track with CloudTrail?
1. username
2. event time
3. event name
4. IP address
5. access key
6. Region
7. Error code
93
What is the shared responsibility model ?
The shared responsibility model is a framework for the division of responsibility between AWS and the user.
AWS is in charge of security of the cloud and We are in charge of security in the cloud.
94
What are AWS four main responsibilities as part of the Shared responsibility model?
1. Global infrastructure
2. Physical Security
3. Physical Aspects of the service
- networking components
- generators
- uninterruptible power supplies
4. Software
- Software for managed services
- Host firmware
- data access points
95
What are the 6 main domain a AWS user is responible for as part of the shared responsibility model ?
1. Application Software and Data including encryption
2. Patching guest operating systems (security and updates)
3. Network traffic configurations and firewalls
4. Security Configuration. VPC, VPN and your accout credentials
5. Identity and Access Management including all users.
6. All installed software
96
What are the 6 Pillars of a well-architected framework?
1. Operational Excellence
2. Security
3. Reliablility
4. Performance and efficiency
5. Cost Optimization
6. Sustainability
97
What pillar of the well-architected framework focuses on creating applications that effectively support production workloads ?
Operational Excellence
98
What does the security pillar of the 6 Pillars of a well-architected framework focus on?
Putting mechanisms in place to help protect your systems and data.
99
What does the Reliability pillar of the 6 Pillars of a well-architected framework focus on?
Designing systems that work consistently and recover quickly
100
What pillar of the well-architected framework focuses on effective use of computing resources to meet system and business requirements while removing bottlenecks ?
Performance Efficiency
101
What does the Cost Optimization pillar of the 6 Pillars of a well-architected framework focus on?
Delivering the optimum and resilient solutions at the least cost to the user
102
What does the Sustainability pillar of the 6 Pillars of a well-architected framework focus on?
Environmental impacts especially energy consumption and efficiency
103
What is IAM?
Identity Access Management is a service that helps you secure cloud resources by allowing you to define who has access to resources.
104
What are four things you can manage in IAM?
1. Users
2. Groups
3. Policies
4. Roles
105
What is the difference between authentication and authorization ?
Authentication is about verifying identity, authorization is about determining what a identified user has access to
106
What are four things the root user can do that a regular user cannot ?
1. Close your account
2. Change your email address
3. Modify your support plan
4. Change account settings
107
What are user groups ?
Groups are a set of IAM users that helps you apply common access controls to all group members
108
What is the principle of least privilege?
Give users the minimum access required to get the job done.
109
What are Roles?
Roles define access permissions and are temporarily assumed by a IAM user or service (Generally for one session)
110
What are Policies ?
Policies define the permissions for IAM users, groups and roles by creating a policy document in json format.
111
What is the difference between a policy and a role ?
A policy defines the permission as a JSON document and is attatched to a role
112
What are the four AMI Best Practices ?
1. Enable MFA for privileged users
2. Implement strong password policies
3. Create individual users instead of using root
4. Use roles for Amazon EC2 instances
113
What feature lists all users in your account and the status of their various credenials including passwords, access keys, MFA and is used for auditing and compliance ?
IAM Credential Reports
114
What is WAF ?
Web Application Firewall helps protect web applications against common web attacks.
115
What does WAF protect against ?
1. Common attack patterns
2. SQL injection
3. Cross-site scripting
116
What is shield ?
Shield is a managed Distributed Denial of Service protection sevice.
117
What is the difference between Shield standard and Shield Advanced?
Shield advanced provides in enhanced protection and 24/7 access to AWS experts for a fee while shield standard only protects against common and frequently occurring attacks
118
What is amazon Macie ?
Amazon Macie helps you discover and protect sensitive data
119
What service allows you to access, audit and evalute the configuration of your resources?
Amazon Config
120
What is Amazon GardDuty ?
It is an intelligent threat detection system that uncovers unauthorized behaviour.
121
How does guardDuty Work?
It Uses Machine Learning, built-in support for EC2, S3, and IAM and reviewing cloudtrail, VPC, Flow Logs and DNS Logs to detect unusual behaviour
122
What is Amazon Inspector?
Inspector works with EC2 instances to uncover and report vulnerabilities
123
What is Amazon Artifact?
Artifact offers on-demand access to AWS security and compliance reports
124
What is Amazon cognito?
Amazon cognito helps you control access to mobile and web applications. Assists with user sign-up and sign-in.
125
What is the difference between data in flight and data at rest ?
Data in flight is moving from one location to another while data at rest is inactive or stored for later use
126
What is KMS?
Key management service allows you to generate and store encryption keys that AWS manages.
127
What is CloudHSM?
hardware security module uses dedicated hardware to generate keys. AWS does not have access to your keys
128
What is secrets Manager ?
Sercets Manager allows you to manage and retrieve secrets (passwords, keys)
129
What are the 3 fundamental drivers of cost ?
1. Compute
2. Storage
3. Outbound Data Transfer
130
What are the 3 free offer types?
1. 12 months free
2. Always free
3. Trials
131
What are the 5 different ways to pay for EC2 instances ?
1. On-Demand
2. Savings Plan
3. Reserved Instances
4. Spot Instances
5. Dedicated Hosts
132
What is the lambda always free grantee ?
1 000 000 requests per month are always free
133
What are the two cost drivers for with the Lambda ?
1. number of requests
2. execution time
134
What are the four cost drivers for S3?
1. Storage class
2. number and size of objects
3. Data transferred out of S3 region
4. Requests made for data and amount of requests
135
What are the 8 drivers for RDS ?
1. Running clock hours
2. Type of database
3. Storage
4. Purchase Type
5. Database count
6. Api requests
7. Deployment type
8. Data transfer
136
What is TCO?
Total cost of ownership is a financial estimate that helps you understand the direct and indirect costs of AWS
137
What is the Application Discovery Service?
The Application discovery service helps you plan migration projects to the AWS cloud and is used TCO
138
What is the pricing calculator?
The pricing calculator helps you calculate the total cost of ownership
139
What AWS service allows you to set custom budgets that alert you when your costs or usage exceed you budgeted amount and what types does it support?
AWS Budgets
1. Cost Budgets
2, Usage Budgets
3. Reservation Budgets
140
What is Cost and Usage Reports ?
Cost and Usage Report contains the most comprehensive set of cost and usage data from your previous amazon bills
141
What is AWS Cost Explorer?
It allows you to visualize and forecast your costs and usage over time. View past 12months and forcast for up to 3 months
142
What are cost allocation tags useful for ?
Tags allow you to label resources using a key and value pair. The allow you to track costs via the cost allocation report
143
What is AWS organizations ?
It is a sevice that allows you to centrally manage multiple AWS accounts, Automate account creation and aggregate payment into a single bill for all accounts
144
What is AWS control tower?
Control Tower helps you ensure your accounts conform to company-wide policies, provides a dashboard and enforces best use of services
145
What is AWS systems manager?
Systems Manager gives you visibility and control over you AWS resources. I allows you to automate operational tasks on resources, patch and run commands on multiple resources (multiple EC2's or RDS instances)
146
What is AWS trusted advisor ?
Trusted advisor provides real-time guidance to help you provision your resources following AWS best practices
147
What AWS service helps you manage Software licenses on premises and on AWS?
License Manager
148
What is AWS certificate manager?
Certificate Manager helps you provision and manage public and private SSL/TLS certificates for free
149
What are SCP's ?
Service control policies enforce policies that you want everyone in a organization to follow
150
What are the benfits of AWS managed services?
Managed services help you efficiently operate you AWS infrastructure by augmenting internal staff, providing ongoing management of infrastructure, and reducing operational risk
151
What is AWS professional services?
Professional Services helps enterprise customers move to a cloud-based operating model
152
What is AWS partner Network ? (APN)
It is a global community of approved partners that offer software solutions and consulting services for AWS.
153
What is AWS Personal Health Dashboard?
It is a service that alerts you to event that might impact your AWS environment.
Provides troubleshooting guidance
Provides feedback tailored to your specific environment
154
What are the for amazon support plans ?
1. Basic (free)
2. Developer
3. Business
4. Enterprise
155
What support case types can you open with a basic support plan ?
1. Account and Billing
2. Service limit increase
156
What support case types can you open with a Developer support plan ?
1. Account and billing
2. Service limit increase
3. Technical support
You also get 1 primary contact
Unlimited Cases
157
What support case types can you open with a Business support plan ?
1. Account and billing
2. Service limit increase
3. Technical support
Unlimited contacts
Unlimited Cases
Full Set of Trusted Advisor Checks
158
What support case types can you open with a Enterprise support plan ?
1. Account and billing
2. Service limit increase
3. Technical support
Unlimited contacts
Unlimited Cases
Technical Account Manager
Concierge Support Team
Infrastructure Event Management
Full Set of Trusted Advisor Checks
159
