AWS Keyword Association Flashcards

1
Q

Alias Record

A

Route 53. S3. CloudFront distributions. Works for BOTH the root (apex) domain and sub-domains. No charge for alias queries.

A Route 53-specific extension to DNS. Alias records route traffic to selected AWS resources, such as CloudFront distributions, S3 website endpoints, ELB load balancers and API Gateway, and can be combined with weighted, geographic, latency and failover routing policies. You cannot set the TTL; Route 53 derives it from the target automatically, and it doesn't charge for alias queries.

2
Q

CNAME Record

A

ONLY for sub-domains (non-root). Charged per query.

To point a sub-domain somewhere, you add a CNAME record.

EX) capitalone.com -> sub-domain: jobs.capitalone.com

Maps a hostname to another hostname. Must always point to another domain name, never directly to an IP address. Can't be created at the zone apex (the same name as the hosted zone), and a name that has a CNAME can carry no other record types. Works with any DNS provider, so you DON'T need Route 53; Route 53 charges for CNAME queries.

3
Q

TTL
(Time To Live)

A

Route 53 (DNS TTL): how long resolvers may cache a record. After you change a record, users keep being directed to the old destination until the cached TTL expires, so lower the TTL ahead of a planned cut-over.

DynamoDB (TTL attribute): used to automatically expire and delete items, which helps with data management, storage costs and system architecture. Store an epoch timestamp in an attribute with the same name on every item that should expire, and use IAM to regulate who may update that attribute. Expired items are removed in the background, typically within a few days, so filter them out on read if exact expiry matters.

4
Q

Aurora Read Replicas or
Aurora Replicas

A

High availability. Scale READ workloads. Disaster recovery. Read-intensive applications. Asynchronous replication, typically well under 100 ms of lag.

Read-only instances (up to 15 per cluster) that add compute capacity and spread read workloads. They share the cluster's storage volume with the writer, which lowers cost and avoids copying data; they receive the writer's redo log stream and apply it to their own caches. One replica is promoted automatically if the writer fails. Cross-region read scaling and DR come from Aurora Global Database, not from in-region replicas.

5
Q

Amazon Aurora

A

Compatible with MySQL & PostgreSQL. Cross-region DR (Aurora Global Database).

High performance. Scalability. Secure. Low cost. Fully managed. Monitoring. Replication. Serverless option.

Aurora Global Database replicates your data to secondary regions with no impact on primary performance, enables fast local reads with low latency in each region, and provides disaster recovery from region-wide outages.

6
Q

latency routing policy

A

Route 53. Apps that are accessed from multiple locations.

Use when you have resources in multiple AWS Regions and you want to route each user to the Region that gives them the lowest measured latency (measured by Route 53, not by geography).

7
Q

(Relational Database Service)
RDS Multi-AZ

A

High availability. Synchronous data replication. Automatic failover. Monitoring. Instance replacement. Small production apps.

NOT a read-scaling feature: the standby of a classic Multi-AZ instance deployment is not readable, so it is NOT suitable for high read load apps (use read replicas; Multi-AZ DB cluster deployments with two readable standbys are the exception).

Automatically creates a primary database (DB) instance and synchronously replicates the data to a standby instance in a different AZ.

Automatically fails over to the standby (the DNS endpoint is repointed) without manual intervention; the application only has to reconnect.

8
Q

Session Policy

A

Limit access and/or permissions. IAM. Scoped per session, evaluated in real time.

An inline policy that you pass as a parameter when you programmatically create a temporary session (sts:AssumeRole, AssumeRoleWithSAML, AssumeRoleWithWebIdentity or GetFederationToken). The session's effective permissions are the intersection of the identity-based policies and the session policy, so a session policy can only narrow permissions; it never grants any that the role or user does not already have, and an explicit Deny in either still wins.

Use case:
- Give the same scoped-down access to a group of federated users for a particular portion of an Amazon S3 bucket
- Lock down users so that a session can only reach the bucket prefix that contains their username (for example through the ${aws:username} policy variable)
- Scope down code permissions during sensitive operations

9
Q

User Policy

A

An identity-based policy (managed or inline) attached to an IAM user, group or role; it defines what that IAM identity is allowed or denied to do.

10
Q

User Role

A

A role is a type of IAM identity that can be assumed by a user, an application or an AWS service to access AWS resources. It has no long-term credentials; assuming it yields temporary credentials from STS, scoped by the role's policies and its trust policy.

11
Q

Bucket Policy

A

Cross-account permissions. One AWS account -> another AWS account.

A resource-based policy attached to the bucket that grants (or denies) permissions to the principals named in the policy. Principals can be in the same account as the bucket or in other accounts. For cross-account access the bucket policy must allow the external principal AND that principal's own identity-based policy must allow the S3 action; an explicit Deny anywhere wins. Keep "Principal": "*" statements behind strict conditions, and enable S3 Block Public Access at the account level so a mistaken public grant is not honoured.
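
The evaluation rules on the Session Policy and Bucket Policy cards can be checked with a small model. The block below is an added example, not AWS code: a toy evaluator that implements only the rules these two cards describe (explicit Deny beats Allow, an Allow must exist, a session policy intersects with and can only narrow identity permissions, and cross-account S3 access needs an Allow in both the bucket policy and the caller's own identity-based policy). The policies, account IDs, ARNs and user names are constructed for the example, only StringEquals/Bool conditions and the ${aws:username} variable are supported, and real IAM has many more rules (NotAction, policy variables, resource-policy exceptions for same-account sessions) that are deliberately left out.

```python
"""Toy IAM/S3 policy evaluator (added example, not AWS code).
Models: explicit Deny wins; an Allow is required; session policies only
narrow (intersection); cross-account access needs Allow in BOTH the bucket
policy and the caller's identity policy. Account IDs/ARNs are made up."""
import fnmatch


def _as_list(x):
    return x if isinstance(x, list) else [x]


def _glob(patterns, value):
    # IAM treats * and ? as wildcards in Principal, Action and Resource
    return any(fnmatch.fnmatchcase(value, p) for p in _as_list(patterns))


def _applies(stmt, action, resource, ctx):
    if not _glob(stmt.get("Principal", {"AWS": "*"})["AWS"], ctx["principal"]):
        return False
    if not _glob(stmt["Action"], action):
        return False
    resources = [r.replace("${aws:username}", ctx.get("aws:username", ""))
                 for r in _as_list(stmt["Resource"])]
    if not _glob(resources, resource):
        return False
    for operator in ("StringEquals", "Bool"):           # only two operators modelled
        for key, wanted in stmt.get("Condition", {}).get(operator, {}).items():
            if str(ctx.get(key)).lower() not in [str(w).lower() for w in _as_list(wanted)]:
                return False
    return True


def evaluate(policy, action, resource, ctx):
    """'Deny', 'Allow' or 'ImplicitDeny' for a single policy document."""
    result = "ImplicitDeny"
    for stmt in policy["Statement"]:
        if _applies(stmt, action, resource, ctx):
            if stmt["Effect"] == "Deny":
                return "Deny"
            result = "Allow"
    return result


def is_authorized(action, resource, ctx, identity_policy, session_policy=None, bucket_policy=None):
    identity = evaluate(identity_policy, action, resource, ctx)
    session = evaluate(session_policy, action, resource, ctx) if session_policy else None
    bucket = evaluate(bucket_policy, action, resource, ctx) if bucket_policy else None
    if "Deny" in (identity, session, bucket):
        return False                                   # explicit deny always wins
    if session_policy and session != "Allow":
        return False                                   # session policy can only narrow
    if ctx["principal_account"] == ctx["resource_account"]:
        return "Allow" in (identity, bucket)           # same account: either policy may grant
    return identity == "Allow" and bucket == "Allow"   # cross-account: both must grant


BUCKET = "arn:aws:s3:::team-bucket"

IDENTITY_POLICY = {"Statement": [          # on the IAM user that calls GetFederationToken
    {"Effect": "Allow", "Action": "s3:*", "Resource": [BUCKET, BUCKET + "/*"]},
    {"Effect": "Deny", "Action": "s3:*", "Resource": BUCKET + "/*",
     "Condition": {"Bool": {"aws:SecureTransport": "false"}}},   # never over plain HTTP
]}
SESSION_POLICY = {"Statement": [           # passed to STS to scope the session down
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
     "Resource": BUCKET + "/home/${aws:username}/*"},
]}
BUCKET_POLICY = {"Statement": [            # on the bucket, owned by account 111111111111
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::222222222222:role/Analyst"},
     "Action": "s3:GetObject", "Resource": BUCKET + "/shared/*"},
]}
ANALYST_IDENTITY_POLICY = {"Statement": [  # in account 222222222222, attached to the Analyst role
    {"Effect": "Allow", "Action": "s3:GetObject", "Resource": BUCKET + "/*"},
]}


def alice(action, key, https=True):
    """Same-account federated session for user alice, scoped by SESSION_POLICY."""
    ctx = {"principal": "arn:aws:sts::111111111111:federated-user/alice", "aws:username": "alice",
           "principal_account": "111111111111", "resource_account": "111111111111",
           "aws:SecureTransport": "true" if https else "false"}
    return is_authorized(action, f"{BUCKET}/{key}", ctx, IDENTITY_POLICY, SESSION_POLICY)


def analyst(action, key, with_bucket_policy=True):
    """Cross-account role from another (made-up) account reading the shared/ prefix."""
    ctx = {"principal": "arn:aws:iam::222222222222:role/Analyst",
           "principal_account": "222222222222", "resource_account": "111111111111",
           "aws:SecureTransport": "true"}
    return is_authorized(action, f"{BUCKET}/{key}", ctx, ANALYST_IDENTITY_POLICY,
                         bucket_policy=BUCKET_POLICY if with_bucket_policy else None)


if __name__ == "__main__":
    print(alice("s3:GetObject", "home/alice/report.csv"))            # True
    print(alice("s3:GetObject", "home/bob/report.csv"))              # False: outside session scope
    print(alice("s3:DeleteObject", "home/alice/report.csv"))         # False: session never allowed it
    print(analyst("s3:GetObject", "shared/q1.parquet"))              # True: both policies allow
    print(analyst("s3:GetObject", "shared/q1.parquet", False))       # False: no bucket policy
```

The two things to take away: the session policy cannot widen anything (Alice's identity policy allows s3:*, yet DeleteObject fails), and the cross-account Analyst fails the moment either the bucket policy or its home-account policy stops allowing the action.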

12
Q

Route 53

A

DNS. Latency-based routing. Geolocation routing. Health monitoring & checks. Visual interface.

Highly available and scalable DNS service that connects internet traffic to the appropriate endpoints. Routing policies (simple, weighted, latency, failover, geolocation, geoproximity, multivalue answer) let you reduce latency, improve availability and keep traffic inside required regions for compliance. Also handles domain registration.

13
Q

spot instances

A

URGENT computing. Flexibility. Low price. Batch jobs. Data analysis. Image processing. Distributed/short workloads.

When you place a request for a Spot Instance, you specify the maximum price per hour, the instance type and the Availability Zone. You pay the current Spot price; if that price rises above your maximum, or AWS needs the capacity back, the instance is interrupted with a two-minute warning.

Use cases:
- Workloads that are resilient to failure.
- Flexible start and end time.
- Low compute price.
- Urgent computing needs for large amounts of ADDITIONAL capacity.

NOT suitable for critical jobs or databases: less reliable, can be interrupted at any time.

14
Q

On-Demand Instances

A

Unpredictable, short workloads. Predictable pricing: pay per second (60-second minimum) for Linux and Windows, per hour for some other operating systems. No commitment.

Use case:
Recommended for short-term, uninterrupted workloads where you can't predict how the application will behave.

15
Q

Reserved Instances

A

Databases. Long-running, steady workloads. 1- or 3-year commitment for a large discount over On-Demand.

Use case:
Recommended for steady-state usage applications (think database).

Convertible Reserved Instances: long-running workloads where you still need flexibility to change instance family, OS or tenancy during the term, at a smaller discount.

16
Q

Savings Plan

A

Commitment to an hourly amount of spend ($/hour) for 1 or 3 years, for long-running workloads. EC2 Instance Savings Plans are locked to a specific instance family & AWS Region; Compute Savings Plans are not.

Use case:
Flexible across:
* Instance size (e.g., m5.xlarge, m5.2xlarge)
* OS (e.g., Linux, Windows)
* Tenancy (Host, Dedicated, Default)
(Compute Savings Plans are additionally flexible across instance family, Region, Fargate and Lambda usage.)

17
Q

Dedicated Hosts

A

Strong regulations. Compliance. Server-bound software licences (BYOL).

Reserve an entire physical server and control instance placement on it, with visibility of sockets and cores. Most expensive option; available On-Demand or reserved.

18
Q

Dedicated Instances

A

Healthcare. Single-tenant hardware. Isolated EC2.

No other customer's instances share your hardware, but the host may be shared with other instances of the same AWS account that are NOT Dedicated Instances. Unlike Dedicated Hosts, you get no visibility into or control over instance placement on the host.

19
Q

Capacity Reservations

A

Guaranteed EC2 capacity. Short-term, uninterrupted workloads.

Reserve capacity in a specific AZ for any duration with no term commitment. You are billed at the On-Demand rate whether or not instances are running in the reservation, so pair it with Savings Plans or Reserved Instances for the discount.

20
Q

EC2 Instance store

A

Local. I/O performance. Buffering. Caching. Temporary storage and data. High performance.

Block storage on disks physically attached to the host computer. It provides temporary storage for the EC2 instance: the data persists across a reboot, but is lost when the instance stops, hibernates or terminates, or when the underlying disk fails. Keep anything you cannot recreate on EBS, EFS or S3.

21
Q

DynamoDB

A

Near real time. Millions of transactions. Low latency. Throughput management. TTL. Eventually consistent reads by default, strongly consistent reads on request. Partitioning for horizontal scaling. Replication across multiple AZs. NoSQL database. No maintenance. Serverless. Fully managed. Highly available.

In DynamoDB, tables, items and attributes are the core components you work with. A table is a collection of items, and each item is a collection of attributes; the partition key (plus optional sort key) identifies an item.

Use case:
- best suited to key-value and document data with known access patterns.
- commonly combined with Lambda (DynamoDB Streams triggers).

22
Q

Transit Gateway

A

Supports IP multicast. Maximize VPN throughput (ECMP across multiple VPN tunnels).

Connects your VPCs and on-premises networks through a central hub. This simplifies your network and puts an end to meshes of peering relationships. Transit Gateway acts as a highly scalable cloud router: each new connection is made only once.

  • transitive routing between thousands of VPCs and on-premises networks in a hub-and-spoke topology
  • works cross-Region
  • can peer with transit gateways in other Regions
  • works with Direct Connect gateways and Site-to-Site VPN connections
  • transit gateway route tables let you segment which attachments can reach each other
23
Q

Security Groups

A

Stateful. Allow rules only (no Deny). Opens INbound traffic only to the ports you list; return traffic for an allowed connection is let through automatically.

Applied at the instance (ENI) level. An instance can have multiple SGs and all their rules are merged. Default: all inbound denied, all outbound allowed. A rule can name another security group as its source, which is how tiers are usually chained. Protects the resource.

24
Q

DocumentDB

A

Fully managed, cloud-native NoSQL document database service that is compatible with the MongoDB API.

Use case:
A good choice for storing user profiles, because each profile is one JSON-like document that can vary in shape.

25
Q

NACL Network Access Control List

A

Stateless. YOU must allow BOTH directions: inbound rules for requests and outbound rules for the replies (ephemeral ports 1024-65535), and the reverse for connections the subnet initiates.

Firewall at the subnet boundary controlling traffic to and from the subnet. Rules are numbered and evaluated lowest number first; the first match wins; the final * rule denies anything unmatched. The default NACL allows all inbound and outbound traffic, while a new custom NACL denies everything until you add rules; best practice is to leave the default alone and create new ones. A subnet can be associated with only one NACL at a time, but one NACL can be associated with many subnets. Supports explicit Deny rules, which security groups do not. Protects the network.

Use case:
Great way to block specific IPs at the subnet level.
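
The difference between the Security Groups card (stateful, allow-only) and this card (stateless, numbered rules, explicit deny) is easiest to see in a model. The block below is an added example, not AWS code: a toy packet filter implementing the two semantics described on those cards. The addresses, ports and rules are constructed; the security group is given no outbound rules on purpose (a real default SG allows all outbound) so that connection tracking is what lets the reply through.

```python
"""Toy stateless NACL vs stateful security group (added example, not AWS code).
Addresses, ports and rules below are constructed for the example."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    action: str          # "allow" or "deny" (security groups only ever "allow")
    proto: str           # "tcp", "udp" or "all"
    cidr: str            # source CIDR for inbound rules, destination CIDR for outbound
    port_from: int
    port_to: int
    number: int = 0      # NACL rule number; evaluated lowest first

    def matches(self, ip, port, proto):
        return (self.proto in ("all", proto)
                and ipaddress.ip_address(ip) in ipaddress.ip_network(self.cidr)
                and self.port_from <= port <= self.port_to)


def _peer_and_port(pkt, direction):
    # Inbound rules look at the source address, outbound rules at the destination;
    # both match on the packet's destination port.
    return (pkt.src, pkt.dport) if direction == "in" else (pkt.dst, pkt.dport)


class NetworkAcl:
    """Stateless: every packet is judged alone, rules in number order, first match wins,
    implicit final deny. Replies need their own rule (ephemeral ports)."""

    def __init__(self, inbound, outbound):
        self.inbound = sorted(inbound, key=lambda r: r.number)
        self.outbound = sorted(outbound, key=lambda r: r.number)

    def allows(self, pkt, direction):
        ip, port = _peer_and_port(pkt, direction)
        for rule in self.inbound if direction == "in" else self.outbound:
            if rule.matches(ip, port, pkt.proto):
                return rule.action == "allow"
        return False


class SecurityGroup:
    """Stateful: allow rules only; once a connection is admitted, its return traffic
    is accepted automatically regardless of the rules for the other direction."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = list(inbound), list(outbound)
        self.flows = set()   # connection-tracking table

    def allows(self, pkt, direction):
        if (pkt.dst, pkt.src, pkt.dport, pkt.sport, pkt.proto) in self.flows:
            return True      # reply to a tracked connection
        ip, port = _peer_and_port(pkt, direction)
        rules = self.inbound if direction == "in" else self.outbound
        if any(r.matches(ip, port, pkt.proto) for r in rules):
            self.flows.add((pkt.src, pkt.dst, pkt.sport, pkt.dport, pkt.proto))
            return True
        return False         # no Deny rules exist; anything unmatched is dropped


def web_scenario(nacl_has_ephemeral_rule=True):
    """Client 203.0.113.5 opens an HTTPS connection to web server 10.0.1.10 (constructed)."""
    client, server = "203.0.113.5", "10.0.1.10"
    request = Packet(client, server, 51000, 443)
    reply = Packet(server, client, 443, 51000)

    # SG: inbound 443 only, and deliberately NO outbound rules at all.
    sg = SecurityGroup(inbound=[Rule("allow", "tcp", "0.0.0.0/0", 443, 443)], outbound=[])

    outbound = ([Rule("allow", "tcp", "0.0.0.0/0", 1024, 65535, number=100)]
                if nacl_has_ephemeral_rule else [])
    nacl = NetworkAcl(
        inbound=[Rule("deny", "all", "198.51.100.0/24", 0, 65535, number=50),   # block one range
                 Rule("allow", "tcp", "0.0.0.0/0", 443, 443, number=100)],
        outbound=outbound)

    return {
        "request_nacl": nacl.allows(request, "in"),
        "request_sg": sg.allows(request, "in"),
        "reply_sg": sg.allows(reply, "out"),        # passes: tracked connection
        "reply_nacl": nacl.allows(reply, "out"),    # passes only with the ephemeral-port rule
        "scanner_nacl": nacl.allows(Packet("198.51.100.7", server, 40000, 443), "in"),
    }


if __name__ == "__main__":
    print(web_scenario())                            # everything True except scanner_nacl
    print(web_scenario(nacl_has_ephemeral_rule=False))   # reply_nacl becomes False
```

Run it with the ephemeral-port rule removed and the server's reply is dropped by the NACL while the security group still passes it; that is the asymmetry the "stateless" keyword refers to, and the reason NACL outbound rules almost always include 1024-65535.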

26
Q

Kinesis Data Streams

A

Ingest. REAL time. Producers. Consumers. Scaling via shards (provisioned) or automatic (on-demand). Replay capability.

Build custom applications that process or analyze streaming data for specialized needs. Manages the infrastructure, storage, networking and configuration needed to stream your data at your throughput level. Once data is inserted it can't be deleted: it is retained for 24 hours by default (up to 365 days) and can be re-read within that window. Supports server-side encryption with KMS.

provisioned: planned capacity (you choose the number of shards)
on-demand: unknown capacity (scales automatically)

27
Q

Kinesis Data Firehose

A

NEAR real time. Auto scaling. NO long-term data storage (buffers by size or time). Fully managed. No admin. Serverless. Batches. Optional Lambda transformation.

Simplifies loading data streams into AWS data stores:
- S3
- Amazon Redshift (COPY through S3)
- Amazon OpenSearch Service
- Splunk and custom HTTP endpoints

CANNOT deliver directly to DynamoDB

28
Q

Athena

A

Serverless queries. Ad hoc. Columnar data. Compressed data. Partitions. Complex analysis. Queries are simple and run on demand. Minimal changes to the existing architecture.

Serverless, interactive query service that lets you analyze data in S3 with standard SQL. Define a schema (typically in the Glue Data Catalog), then start querying. You pay per query for the amount of data scanned, so partitioning, columnar formats (Parquet/ORC) and compression reduce both cost and run time.

Use case:
- best for quick ad hoc queries, log analysis (CloudTrail, VPC Flow Logs and ALB logs kept in S3), smaller datasets, interactive queries.
- commonly used with Amazon QuickSight for reporting/dashboards

29
Q

Redshift

A

OLAP (online analytical processing). Fast, repeatable, complex queries. QuickSight. Tableau. Business intelligence.

Columnar data storage and massively parallel query engine
Based on PostgreSQL but not used for OLTP
Fast joins & aggregations thanks to sort keys, distribution keys and zone maps (there are no conventional indexes)

2 modes: provisioned clusters or Redshift Serverless

Redshift Serverless lets you access and analyze data without configuring a provisioned data warehouse: resources are provisioned automatically and capacity scales to deliver fast performance for demanding and unpredictable workloads.

Use case:
best for complex, large, fast queries over big datasets; business intelligence apps.

30
Q

SQS FIFO

A

Decoupling, but in strict order within a message group.

Exactly-once processing: a duplicate sent within the 5-minute deduplication window is dropped (matched by MessageDeduplicationId or a SHA-256 of the body). Throughput is limited compared with Standard queues:

300 messages/second withOUT batching
3,000 messages/second WITH batching (10 per batch); high-throughput mode raises these limits

31
Q

EFA (elastic fabric adapter)

A

High network performance. Minimize latency. High message rates. Scalability. OS-bypass.

Gives applications direct access to the network hardware, skipping the kernel TCP/IP stack. A network device attached to an EC2 instance to accelerate tightly coupled HPC & ML workloads (MPI, NCCL). Available on supported instance types at no additional cost; EFA traffic stays within one subnet.

32
Q

cloudformation

A

IaC (infrastructure as code). Disaster recovery. Reusable infrastructure templates (YAML/JSON).

Used when you need to repeat an architecture in different environments, Regions or AWS accounts. Drift detection shows where resources were changed outside the template.

33
Q

glue

A

Apache Spark. Metadata (Data Catalog). Serverless. ETL.

Managed extract, transform and load (ETL) service, useful for preparing and transforming data for analytics. Crawlers populate the Data Catalog with table metadata; job bookmarks prevent re-processing of data already handled by earlier runs.

34
Q

ECR (elastic container registry)

A

Store/manage/deploy container images (Docker/OCI).

Access is controlled through IAM (plus repository policies); integrated with Amazon ECS and Amazon EKS so you can store, run and manage container images. Supports image scanning for known CVEs on push, lifecycle policies to expire old tags, and immutable tags so a pushed tag cannot be silently overwritten.

35
Q

ECS (elastic container service)

A

Fargate. Docker. EC2.

A fully managed container orchestration service that lets you run, scale and secure Docker container applications on AWS. Each task can have its own IAM task role, so containers do not share the host's credentials.

36
Q

ECS Fargate launch type

A

Docker. Microservices, short-term tasks, serverless, scaling out capacity. Billed per task by vCPU and memory. AWS manages the underlying hosts and their patching; you never see or log in to them.

37
Q

ECS EC2 launch type

A

Docker. Traditional apps, more control over the infrastructure, cost based on the EC2 instances you run regardless of how fully the tasks use them, and you maintain (patch) the container instances.

38
Q

EKS (elastic kubernetes service)

A

Open source. Nodes (EC2 instances or Fargate). Pods.

Amazon's managed Kubernetes control plane. Kubernetes is an open-source system that automates the deployment, scaling and management of containerized applications.

39
Q

SSE-KMS (Key Management Service)

A

Server-side encryption using keys held in AWS KMS (AWS-managed or customer-managed key).

Advantages: you control the key and its key policy, key usage is audited in CloudTrail, and S3 Bucket Keys reduce KMS request costs.

Your principal needs kms:GenerateDataKey on the key to upload (encrypt) objects and kms:Decrypt to download them, in addition to the S3 permissions; a bucket policy alone is not enough if the key policy does not allow the caller.

40
Q

GLB (Gateway Load Balancer)

A

Layer 3 (network) gateway plus layer 4 load balancer. Inspection purposes.

Lets you deploy, scale and manage third-party virtual appliances (firewalls, IDS/IPS, deep packet inspection) with a single entry and exit point for traffic. Doesn't act as a proxy or terminate connections; it ONLY forwards the traffic transparently (encapsulated in GENEVE on port 6081) to the appliance fleet and back.

Use cases:
inline inspection of VPC traffic by a fleet of appliances
a central appliance VPC shared by many spoke VPCs through Gateway Load Balancer endpoints

41
Q

VPC Peering

A

Direct private communication between two VPCs (same or different account, same or different Region). Non-transitive: A<->B plus B<->C does not give A<->C. CIDR ranges must not overlap.

CANNOT provide on-premises connectivity to AWS

42
Q

VPC Sharing

A

Resource sharing. Centrally managed. Share subnets of one VPC with other accounts in your AWS Organization through AWS RAM; participants launch resources into the shared subnets while the owner keeps control of routing, NACLs and the VPC itself.

43
Q

Firewall Manager

A

Security. Centralized management. Requires AWS Organizations.

Security management service that lets you centrally configure & manage AWS WAF rules, Shield Advanced protections, security groups, Network Firewall and Route 53 Resolver DNS Firewall across all accounts in an organization. You create security policies once and they are applied consistently, including to new accounts and resources as they appear.

NOT itself a traffic inspection & filtering engine; it manages the services that are.

44
Q

Quicksight

A

SPICE (in-memory engine). Interactive. Athena.

Serverless BI service for analyzing and visualizing data from many sources. You can create interactive dashboards, reports and visualizations. Access to datasets and dashboards is granted to QuickSight users and groups (which can be federated from IAM Identity Center or SAML), not directly to IAM principals.

45
Q

RDS (relational database service)

A

Read replicas (scale read capacity). Oracle, MySQL, PostgreSQL, MariaDB, SQL Server. Encryption at rest.

Managed relational database service that lets you set up, operate and scale relational databases in the cloud without managing the underlying infrastructure.

Use cases:
- OLTP workloads; NOT suitable for analytics (use Redshift)
- AWS Key Management Service (KMS) is integrated with RDS to make it easier to create, control and manage keys for encryption; encryption must be chosen when the instance is created (to encrypt an existing unencrypted instance, snapshot it, copy the snapshot with encryption, and restore)

46
Q

Global Accelerator

A

DYNAMIC content, low latency, UDP, non-HTTP, two static anycast IPs, APPLICATION traffic over the AWS backbone, automatic failover.

Gives your application a fixed pair of static IPs as its global entry point, brings users onto the AWS global network at the nearest edge, and minimizes network hops; health checks fail traffic over between endpoints within seconds.

Use case:
A media company wants a low-latency way to distribute live sports results which are delivered via a proprietary application using the UDP protocol.

47
Q

Cloudfront

A

STATIC content, DDoS, improved performance, low latency, caching, CDN (content delivery network), S3.

Access logs. Improves read performance because content is cached at edge locations. DDoS protection through integration with Shield and AWS WAF. Use origin access control (OAC) so the S3 origin only accepts requests signed by CloudFront, and signed URLs/cookies for private content.

Use case:
static content (videos, images, etc.) that must be available globally; can also front dynamic origins such as an ALB.

48
Q

Secrets Manager

A

Secrets. Native integration for RDS, Redshift and DocumentDB credentials. Credential management.

Secrets are encrypted with KMS; rotation can be scheduled and automated with a Lambda rotation function; every retrieval is logged in CloudTrail and controlled by IAM and resource policies.

Use case:
You would like to store a database password in a secure place and enable automatic rotation of that password every 90 days.

49
Q

Lifecycle Policies

A

Storage classes. File access that is frequent at first, then less frequent.

Lifecycle rules can transition objects between storage classes, or expire (delete) objects after a specified period; they can also clean up incomplete multipart uploads and old object versions.

50
Q

S3 File Gateway

A

NFS & SMB protocols.

The most recently used data is cached locally on the gateway; objects can transition to Glacier via lifecycle policies; the gateway uses an IAM role for bucket access; SMB shares can authenticate users against Active Directory.

51
Q

EventBridge

A

Notifications. SaaS. Archive. Replay events. Reliable delivery. Rule-based event bus.

Use case:
one-time schedules that fire at a specific time (EventBridge Scheduler); integration with SaaS providers; a schema registry to discover the schemas other teams produce and incorporate them into your application.

52
Q

Cloudtrail

A

Trail of account activity: records the history of AWS API calls (console, CLI, SDK and service-to-service) for audit and monitoring.

Management events are kept for 90 days in the event history by default; create a trail to deliver events to S3 (and CloudWatch Logs) for longer retention and across all Regions, and enable log file integrity validation so tampering with delivered logs is detectable. Global services (IAM, STS, CloudFront) log their events in one Region. Data events (S3 object-level, Lambda invocations) must be enabled explicitly.

Use case:
find out who did what, when, and from which IP address. Record the API calls made within your account by everyone.
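
The "who accessed what" question is answered by grouping trail records by their userIdentity, and a few of the highest-value detections (root usage, access-key creation, AccessDenied errors) are simple filters on the same fields. The block below is an added example, not AWS or GuardDuty code: it parses CloudTrail-shaped JSON and runs those queries. The records are constructed for the example and trimmed to the fields used; the account IDs, ARNs and IPs are made up, and the S3 object-level events shown would only appear in a real trail if data-event logging were enabled.

```python
"""Who-did-what over CloudTrail records (added example, not AWS code).
The records below are constructed and trimmed to the fields used."""
import json
from collections import defaultdict

SAMPLE_TRAIL = json.dumps({"Records": [
    {"eventTime": "2024-10-10T13:55:36Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "sourceIPAddress": "203.0.113.5",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111111111111:user/alice"},
     "requestParameters": {"bucketName": "team-bucket", "key": "home/alice/report.csv"}},
    {"eventTime": "2024-10-10T14:02:11Z", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateAccessKey", "sourceIPAddress": "203.0.113.9",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111111111111:assumed-role/Admin/bob"},
     "requestParameters": {"userName": "svc-deploy"}},
    {"eventTime": "2024-10-10T14:05:40Z", "eventSource": "s3.amazonaws.com",
     "eventName": "DeleteBucket", "errorCode": "AccessDenied", "sourceIPAddress": "203.0.113.12",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111111111111:user/carol"},
     "requestParameters": {"bucketName": "team-bucket"}},
    {"eventTime": "2024-10-10T14:10:02Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111111111111:root"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2024-10-10T14:15:27Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "sourceIPAddress": "192.0.2.77",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::222222222222:assumed-role/Analyst/session1"},
     "requestParameters": {"bucketName": "team-bucket", "key": "shared/q1.parquet"}},
]})

# API calls worth paging someone about; a constructed starter list, not an official one.
SENSITIVE_EVENTS = {"CreateAccessKey", "CreateUser", "AttachUserPolicy", "PutBucketPolicy",
                    "StopLogging", "DeleteTrail", "UpdateAssumeRolePolicy"}


def load_records(text):
    """CloudTrail delivers gzipped JSON files with a top-level 'Records' list."""
    return json.loads(text)["Records"]


def who_touched(records, bucket):
    """Map principal ARN -> sorted (eventName, key) pairs for one bucket: 'who accessed what'."""
    seen = defaultdict(set)
    for r in records:
        params = r.get("requestParameters") or {}
        if r["eventSource"] == "s3.amazonaws.com" and params.get("bucketName") == bucket:
            seen[r["userIdentity"]["arn"]].add((r["eventName"], params.get("key", "")))
    return {arn: sorted(events) for arn, events in seen.items()}


def findings(records):
    """Simple detections over a trail: (rule, principal, eventName) in record order."""
    out = []
    for r in records:
        who = r["userIdentity"]["arn"]
        if r["userIdentity"].get("type") == "Root":
            out.append(("root-activity", who, r["eventName"]))
        if r["eventName"] in SENSITIVE_EVENTS:
            out.append(("sensitive-api", who, r["eventName"]))
        if r.get("errorCode") in ("AccessDenied", "UnauthorizedOperation"):
            out.append(("access-denied", who, r["eventName"]))
    return out


if __name__ == "__main__":
    recs = load_records(SAMPLE_TRAIL)
    for arn, events in who_touched(recs, "team-bucket").items():
        print(arn, events)
    for f in findings(recs):
        print(f)
```

Note that the cross-account Analyst shows up in the bucket owner's trail with its own account's ARN, and that Carol's failed DeleteBucket is recorded even though it was denied; a run of AccessDenied errors from one principal is a common early sign of a compromised key being probed.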

53
Q

Cloudwatch

A

Resource performance monitoring (metrics), logs, alarms and dashboards. CloudWatch Logs can ingest CloudTrail events and raise alarms on matching patterns.

54
Q

Config

A

Configurations. Resource-specific history, audit and compliance.

records configuration changes
evaluates resources against compliance rules (managed or custom), optionally with automatic remediation through SSM Automation
gives a timeline of changes & compliance state per resource

55
Q

Gateway VPC Endpoint

A

DynamoDB or S3. Privately access S3 or DynamoDB from a VPC at no charge for the endpoint.

They are targets in the VPC's route table that send traffic for specific AWS services to the service privately. They work by targeting prefix lists, which contain the IP ranges of S3 and DynamoDB. They eliminate the need for an internet gateway or NAT device. Attach an endpoint policy (and use aws:SourceVpce in bucket policies) to limit which buckets can be reached through the endpoint.

56
Q

EFS (Elastic File System)

A

WordPress. Content management. Web serving. Data sharing. NFS (network file system). Linux. Highly available, durable location.

Managed NFS (network file system) that can be mounted on many EC2 instances across multiple AZs. Highly available, scalable, more expensive per GB than EBS (pay per use). Supports encryption at rest with KMS and in transit with TLS; access points pin the POSIX user and root directory a client gets.

Use case:
Whenever data is split between two EC2 instances and users need access to all of it at once, use EFS because it is a shared storage drive.

57
Q

SQS (Simple Queue Service)

A

Decoupling, microservices. Consumers poll. Buffers and delays ingestion.

Many consumers can share a queue, but each message is processed by one consumer; it is not broadcast.

SNS + SQS = fan-out (one-to-many)

58
Q

SNS (Simple Notification Service)

A

microservices. pub/sub (publish & subscribe)

Use Case:
push/email notifications. have many subscribers, publish messages to many diff subs with single action. Requires high throughput & reliability for publishing to consumers.

SNS + SQS = fan out

59
Q

Elasticache

A

Redis (multi-AZ with automatic failover) & Memcached (multi-node, no persistence) compatible, HIPAA eligible, requires application code changes.

A fully managed in-memory key-value store that speeds up application and database performance. ElastiCache sits between your application and the data store; with the lazy-loading (cache-aside) strategy the application first checks the cache, returns the data if it is there, and otherwise reads it from the data store and writes it into the cache. Write-through is the alternative strategy. Set a TTL on cached entries so stale data ages out, and enable AUTH/TLS for Redis.

60
Q

IAM Roles

A

When an EC2 instance (or a Lambda function or ECS task) needs access to a bucket: attach a role through an instance profile so the SDK picks up short-lived credentials from the instance metadata service instead of long-lived access keys on disk. Require IMDSv2 so an SSRF bug cannot read those credentials.

61
Q

GuardDuty

A

Malicious activity and threat detection service.

Continuously analyzes CloudTrail, VPC Flow Logs and DNS logs (plus optional S3, EKS, RDS and malware-protection sources) for compromised credentials, crypto-mining, reconnaissance and unusual API calls; delivers findings to Security Hub and EventBridge for visibility & remediation.

62
Q

NLB (network load balancer)

A

Layer 4. TCP, UDP, TLS.

Monitors target health & routes traffic only to healthy targets. Routes each flow by a hash of protocol, source/destination IP and port; preserves the client's source IP for instance targets; passes TCP/UDP through and only terminates connections when you use a TLS listener. One static or Elastic IP per AZ, millions of requests per second, very low latency.

Use case:
gaming, media streaming, IoT, anything that is not HTTP or needs a fixed IP

63
Q

ALB (application load balancer)

A

Layer 7. HTTP/HTTPS, WebSocket, gRPC, microservices, containers, web apps.

Routes to target groups (EC2 instances, IP addresses, Lambda functions, containers). Terminates the client connection and opens a new one to the target (acts as a proxy); routes traffic based on request CONTENT (host, path, headers, query string). Integrates with AWS WAF and can authenticate users through Cognito or OIDC.

63
Q

Cognito User Pool

A

API Gateway, ALB, verification, authentication.

Used to verify a user's identity (authentication) and issue JWTs (ID, access and refresh tokens) that API Gateway and ALB can validate directly. Users can sign in with a username and password or through a third-party identity provider (IdP) such as Amazon, Facebook, Google or a SAML/OIDC provider. User pools also manage user attributes, host sign-in and sign-up pages, and support MFA and adaptive authentication.

64
Q

Cognito

A

Mobile and web app users. Authentication & authorization, with SAML/OIDC federation. Scales to millions of users.

Creates identities for external (customer) users rather than IAM users.

65
Q

Cognito Identity Pool

A

Federated identity, authorization, unique identities.

Creates a unique identity for each user and exchanges a token from an identity provider (a Cognito User Pool, SAML, OIDC or social login) for temporary AWS credentials from STS, mapped to IAM roles.

Used to grant app users direct access to AWS services such as S3 and DynamoDB. Identity pools can issue credentials for unauthenticated (guest) users as well as for authenticated users who present a token; keep the guest role's permissions minimal, and use role mapping so different user groups land in different roles.

66
Q

DAX DynamoDB Accelerator

A

Microseconds. READ congestion. Caching service.

Designed to run inside your Amazon VPC.

It does the heavy lifting required to add in-memory acceleration to your DynamoDB tables.

Helps solve read congestion by caching, with microsecond latency for cached data. API-compatible with DynamoDB, so only the client endpoint changes; no application logic modification. Caveat: only eventually consistent reads are served from the cache; strongly consistent reads and writes go through to DynamoDB.

67
Q

lambda

A

Run code without provisioning or managing servers. Pay only for the requests made and the compute time consumed (billed per millisecond). Works well with API Gateway & RDS (use RDS Proxy for connection pooling). Easy to monitor with CloudWatch. Supports many runtimes (Node.js, Python, Java, Go, .NET) and integrates with many AWS services. Each function has its own execution role; grant it only what that function needs.

68
Q

ASG (auto scaling group)

A

CloudWatch. Maintains a desired number of instances, replacing any that become unhealthy. Load balancer. AMIs / launch templates.

Contains a collection of EC2 instances that share similar characteristics and are treated as a logical group for fleet management and dynamic scaling (scheduled, target-tracking or step policies driven by CloudWatch metrics).

69
Q

ELB (Elastic Load Balancer)

A

Distributing load across machines.

Automatically distributes incoming traffic across multiple targets (EC2 instances, containers, IP addresses) in one or more Availability Zones, monitors the health of its registered targets and routes traffic only to the healthy ones. Cross-zone load balancing spreads traffic evenly across all targets in every enabled AZ rather than evenly per AZ.

70
Q

EC2 (Elastic Compute Cloud)

A

HPC, Batching, ML, gaming

renting virtual machines

71
Q

Client-side Encryption

A

Use Case:
the client wants to control everything and only sends already-encrypted data to AWS; AWS never sees the plaintext or the key.

72
Q

SSE-C (customer-provided keys)

A

Keys managed by the customer outside of AWS and supplied in the request headers on every upload and download (HTTPS is mandatory).

S3 does NOT store the encryption key you provide; it keeps only a salted HMAC of it to validate later requests, so if you lose the key the object is unrecoverable.

Use case:
user wants to manage keys and not store them in AWS

73
Q

SQS Standard

A

decoupling

default for SQS
unlimited transactions/second
at least once delivery
best effort ordering
scales automatically
reliable 1:1 Async communication to decouple apps from one another

74
Q

SQS Message Visibility Timeout

A

After a consumer receives a message it stays hidden from other consumers for the visibility timeout (default 30 seconds); if the consumer does not delete it within that time, it becomes visible again and is delivered again. If you're getting duplicates, INCREASE the visibility timeout (or extend it from the consumer with ChangeMessageVisibility), keep consumers idempotent, and route messages that keep failing to a dead-letter queue via maxReceiveCount.
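
The duplicate-delivery mechanism is worth seeing with a clock. The block below is an added example, not AWS code: a toy queue with a virtual clock that models receive, visibility timeout, ChangeMessageVisibility and delete, then runs the same slow consumer under three settings. The message body, timings and worker behaviour are constructed for the example.

```python
"""Toy SQS visibility-timeout simulation (added example, not AWS code).
Times are virtual seconds; the scenario is constructed."""
import itertools


class ToyQueue:
    def __init__(self, visibility_timeout):
        self.visibility_timeout = visibility_timeout
        self.messages = {}          # message id -> [body, invisible_until]
        self.receive_count = {}     # mirrors ApproximateReceiveCount in real SQS
        self._ids = itertools.count(1)

    def send(self, body):
        mid = str(next(self._ids))
        self.messages[mid] = [body, 0]
        self.receive_count[mid] = 0
        return mid

    def receive(self, now):
        """Hand out the first visible message and hide it for the visibility timeout."""
        for mid, entry in self.messages.items():
            if entry[1] <= now:
                entry[1] = now + self.visibility_timeout
                self.receive_count[mid] += 1
                return mid, entry[0]
        return None

    def change_visibility(self, mid, now, seconds):
        # ChangeMessageVisibility: the consumer says "I am still working on this"
        self.messages[mid][1] = now + seconds

    def delete(self, mid):
        self.messages.pop(mid, None)


def simulate(visibility_timeout, processing_time, heartbeat=False, poll_interval=5):
    """Worker A takes one message at t=0 and needs `processing_time` seconds to finish.
    Worker B polls every `poll_interval` seconds. Returns how many times the single
    message was delivered in total (1 means no duplicates)."""
    q = ToyQueue(visibility_timeout)
    mid = q.send("order-1234")
    assert q.receive(0) is not None           # worker A gets the message
    extend_every = max(1, visibility_timeout // 2)
    for now in range(poll_interval, processing_time + 1, poll_interval):
        if heartbeat and now % extend_every == 0:
            q.change_visibility(mid, now, visibility_timeout)   # worker A extends the lease
        q.receive(now)                         # worker B sees it only if it became visible again
    q.delete(mid)                              # worker A finishes and deletes
    return q.receive_count[mid]


if __name__ == "__main__":
    print(simulate(30, 70))                    # 3: the timeout expired twice during processing
    print(simulate(120, 70))                   # 1: the timeout covers the processing time
    print(simulate(30, 70, heartbeat=True))    # 1: the consumer kept extending the timeout
```

The third run is the pattern to use when processing time varies too much to pick one safe timeout: extend the lease from the consumer while work is in progress rather than setting a huge fixed value that would delay legitimate redelivery after a crash.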

75
Q

EBS (elastic block store)

A

Storage volumes. Snapshots.

Stores data on virtual drives (think USB stick) attached to one instance at a time. Bound to a specific AZ; move a volume across AZs by snapshotting and restoring it.

Used for data that needs to persist beyond the instance. Encrypt volumes with KMS and back them up with EBS snapshots.

76
Q

Docker

A

Microservices, lift & shift from on-premises to the AWS cloud, ECR.

Deploys apps.
Apps are packed into containers that run on any host with a compatible kernel (Linux containers on Linux hosts).

Faster and more lightweight than VMs launched from AMIs because containers share the host OS kernel; that sharing also means a container escape lands on the shared host, so isolation is weaker than between VMs.

77
Q

SSE

A

Server-side encryption. Kinesis Data Streams, SQS, S3.

S3 applies SSE-S3 (AES-256) by default to all new objects.

Encrypts data before it is written to disk and decrypts it when it is read. This protects data at rest; for data in transit, add a bucket policy that denies requests where aws:SecureTransport is false.

78
Q

S3 Batch Operations

A

Encrypt unencrypted objects in bulk, copy objects, restore from Glacier, replace tags or ACLs.

Or invoke a Lambda function to perform a custom action on each object listed in an S3 Inventory report or CSV manifest.

79
Q

Intelligent-Tiering

A

Unpredictable/random access patterns.

Moves objects automatically between access tiers based on usage. Small monthly monitoring fee per object, no retrieval charge.

80
Q

Glacier Deep Archive

A

Save the most on storage cost. Lifecycle rules/policies.

A storage class that provides secure, long-term storage for large amounts of data. It's designed for data that's rarely accessed, such as regulatory, compliance and scientific data. Retrieval takes hours (about 12 with standard retrieval) and there is a 180-day minimum storage charge.

Use cases:
long-term data retention
digital preservation
eliminating the need for on-premises tape libraries

81
Q

S3 Standard IA (infrequent Access)

A

Quickly accessible (milliseconds) but accessed less than about once a month. Long-term storage, disaster recovery, backups. Cheaper per GB than Standard, but with a per-GB retrieval fee and a 30-day minimum storage charge.

82
Q

One-Zone IA

A

Single AZ (data is lost if that AZ is destroyed). Storing secondary backups of on-premises data or data you can recreate.

83
Q

S3 Standard

A

frequently accessed. high availability, low latency, high throughput

Used for storing data that is frequently accessed, such as for cloud applications, content distribution, and big data analytics.

84
Q

AWS Datasync

A

On-premises data you want to synchronize to AWS (S3, EFS, FSx) to keep a copy.

File permissions & metadata are preserved; transfers are encrypted in transit and integrity-checked.
Snowcone comes with the DataSync agent preinstalled.

85
Q

Volume Gateway

A

EBS snapshots (disaster recovery), low latency, local caching, on-premises

Essentially acting as a bridge between your on-premises applications and cloud storage with the ability to operate in either a “cached” mode (storing frequently accessed data locally) or a “stored” mode (keeping all data locally with an asynchronous copy to S3).

Use cases:
Ideal for applications requiring low latency access to frequently used data while still maintaining a cloud-based backup strategy, such as database backups, application data, or large media files.

86
Q

Kinesis

A

designed for streaming, REAL TIME, big data

producers: send data to stream (SDK)
consumers: receive data & process it (AWS services)

Use Case:
real time streaming
big amount of data

87
Q

AWS shield advanced

A

Paid service with more functionality: protects ELB, CloudFront, Route 53, Global Accelerator and Elastic IPs; 24/7 access to the Shield Response Team; cost protection against scaling charges during an attack; application-layer (layer 7) DDoS mitigation together with AWS WAF.

88
Q

AWS Shield

A

DDoS protection.

89
Q

EBS snapshot

A

You can take a snapshot of a running EBS volume, restore a new EBS volume from that snapshot (in any AZ of the Region, or copy it to another Region) and attach it to a running EC2 instance. Snapshots are incremental and stored in S3; you pay for the snapshot storage used. A snapshot of an encrypted volume is itself encrypted, and restoring it yields an encrypted volume.

90
Q

cost explorer

A

Budget planning, forecasts, cost breakdown by service, account or tag; find the root cause of a change in spend and estimate the future billing of particular services.

91
Q

budgets

A

Tracks your current expenditure against a budget and sends alerts (email/SNS) when actual or forecast spend crosses a threshold.

92
Q

DB instance / database instance

A

If you stop a DB instance you stop paying for instance hours but still pay for storage, snapshots and backups, and a stopped instance is restarted automatically after 7 days. Modifying (for example resizing) an instance does not stop billing.

93
Q

S3 bucket

A

Static website hosting (HTML, JS, CSS; no server-side code). Serve it through CloudFront with origin access control rather than making the bucket public.

94
Q

AWS Systems Manager Session Manager

A

Shell access to EC2 instances without opening port 22 and without SSH keys or bastion hosts: the SSM Agent on the instance connects outbound to the service, access is granted by IAM, and sessions can be logged to CloudWatch Logs or S3 for audit.

95
Q

site-to-site VPN

A

AWS side: virtual private gateway or a transit gateway
On-premises side: customer gateway device

Strong encryption (IPsec) over the public internet.

Delivers high availability with two tunnels that terminate on separate AWS endpoints. You can send primary traffic through the first tunnel and keep the second for redundancy, or use both; if one tunnel goes down, traffic continues to flow.

96
Q

WAF (web application firewall)

A

Block specific things at layer 7.

Protects web applications behind CloudFront, ALB, API Gateway or AppSync from common attack techniques such as SQL injection and cross-site scripting (XSS) through managed and custom rules. You can also create rules that block or rate-limit traffic from specific user agents, IP addresses or countries, or requests that contain particular headers. Count mode lets you test a rule before it blocks anything.
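
The rule types listed above (IP blocklist, user-agent match, injection signatures, rate limiting) can be exercised against web server logs. The block below is an added example, not AWS WAF code: a tiny WAF-style evaluator that applies those four rule types to access-log lines. The log lines, blocklist, thresholds and 5-minute window are constructed for the example, the regular expressions are deliberately naive and far weaker than WAF's managed rules, and the evaluator inspects URL-decoded paths the way WAF text transformations would.

```python
"""WAF-style rule evaluation over access-log lines (added example, not AWS code).
Log lines, blocklist and thresholds are constructed; signatures are naive."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone
from urllib.parse import unquote_plus

# Combined log format: ip ident user [time] "method path proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d+) \d+ "[^"]*" "(?P<ua>[^"]*)"')

BLOCKED_IPS = {"192.0.2.44"}                  # constructed blocklist
BLOCKED_UA_SUBSTRINGS = ("sqlmap", "nikto")   # well-known scanner user agents
SIGNATURES = {
    "sqli": re.compile(r"(?i)(\bunion\b.+\bselect\b|'\s*or\s*'?\d+'?\s*=\s*'?\d+|;\s*drop\b)"),
    "xss": re.compile(r"(?i)(<script\b|javascript:|onerror\s*=|onload\s*=)"),
}
RATE_LIMIT, WINDOW_SECONDS = 100, 300         # modelled on WAF's 5-minute rate-based rule

SAMPLE_LOG = [   # constructed lines
    '203.0.113.5 - - [10/Oct/2024:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Oct/2024:13:55:37 +0000] "GET /search?q=%27+OR+1%3D1-- HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Oct/2024:13:55:38 +0000] "GET /?u=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 10 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Oct/2024:13:55:39 +0000] "GET /admin HTTP/1.1" 403 0 "-" "sqlmap/1.7"',
    '192.0.2.44 - - [10/Oct/2024:13:55:40 +0000] "GET / HTTP/1.1" 200 512 "-" "curl/8.0"',
]


class WafLite:
    def __init__(self):
        self.history = defaultdict(deque)     # ip -> timestamps of recent requests

    def inspect(self, line):
        """Return (action, reason) for one access-log line; rules are checked in order."""
        m = LOG_RE.match(line)
        if not m:
            raise ValueError(f"unparseable log line: {line!r}")
        ip, ua = m["ip"], m["ua"]
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z").timestamp()
        if ip in BLOCKED_IPS:
            return "BLOCK", "ip-blocklist"
        if any(s in ua.lower() for s in BLOCKED_UA_SUBSTRINGS):
            return "BLOCK", "bad-user-agent"
        decoded = unquote_plus(m["path"])     # inspect the decoded form, as a WAF transformation would
        for name, rx in SIGNATURES.items():
            if rx.search(decoded):
                return "BLOCK", name
        window = self.history[ip]             # sliding window per source IP
        window.append(ts)
        while window and ts - window[0] > WINDOW_SECONDS:
            window.popleft()
        if len(window) > RATE_LIMIT:
            return "BLOCK", "rate-limit"
        return "ALLOW", "ok"


def evaluate_log(lines):
    waf = WafLite()
    return [waf.inspect(line) for line in lines]


def flood(ip, count):
    """Decisions for one client sending `count` benign requests one second apart."""
    start = datetime(2024, 10, 10, 14, 0, 0, tzinfo=timezone.utc)
    lines = []
    for i in range(count):
        stamp = (start + timedelta(seconds=i)).strftime("%d/%b/%Y:%H:%M:%S %z")
        lines.append(f'{ip} - - [{stamp}] "GET /api/items HTTP/1.1" 200 100 "-" "Mozilla/5.0"')
    return evaluate_log(lines)


if __name__ == "__main__":
    for line, decision in zip(SAMPLE_LOG, evaluate_log(SAMPLE_LOG)):
        print(decision, line[:60])
    print(flood("203.0.113.50", 101)[-2:])   # last two: ALLOW then BLOCK rate-limit
```

Two practical notes: rule order matters (a blocklisted IP is rejected before any parsing effort is spent on its request), and the rate rule counts only requests that reached it, which is also how a real rate-based rule behaves when it sits after other blocking rules in the web ACL.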

97
Q

AWS shield standard

A

Layers 3/4. SYN floods, UDP reflection, DDoS.

Free, always-on managed service that protects applications running on AWS from the most common network and transport-layer Distributed Denial of Service (DDoS) attacks. It's automatically enabled for all AWS customers.

98
Q

Conventional 3-tier application architecture

A

Presentation Tier (client) <–> Logic Tier (server) <–> Data Tier (database)

99
Q

NAT Gateway (network address translation)

A

IPv4 (for IPv6 use an egress-only internet gateway). Private subnets. Outbound traffic.

Improved security, scalability (scales with traffic volume), cost-effective (you pay per hour and per GB processed).

Allows resources in a private subnet to reach services outside the subnet while staying unreachable by unsolicited inbound traffic. The NAT gateway lives in a public subnet; the private subnet's route table sends 0.0.0.0/0 to it, and it translates the private source IP to its Elastic IP (EIP), so instances are isolated from the public internet and the attack surface is reduced. Deploy one per AZ to avoid a cross-AZ single point of failure.

100
Q

public vs private subnets

A

public - direct route to internet gateway (web servers, load balancers)

private - NO direct route to internet gateway (database, application servers)

101
Q

when to use containers vs serverless

A

Serverless: stateless. SMALL applications, easily split into microservices

Containers: stateful. Large complex applications

102
Q

Provisioned IOPS SSD

A

Database storage performance where you need consistent, guaranteed IOPS. You can change the storage type or provisioned IOPS of an existing volume.

EBS volume types io1/io2; also an RDS storage type, and FSx for NetApp ONTAP offers provisioned IOPS.

103
Q

amazon AppFlow

A

SaaS integration: managed flows that move data between SaaS applications (Salesforce, ServiceNow, Slack and others) and S3 or Redshift without custom integration code.

104
Q

AWS Direct Connect

A

Internet bandwidth limitations or inconsistent performance; long-term solution. A dedicated private link from your data centre into AWS that bypasses the public internet. It is NOT encrypted on its own: run a Site-to-Site VPN over it or use MACsec on supported ports. Takes weeks to provision, so it is not a quick fix.

105
Q

MFA Delete

A

Protects against accidental (or malicious) deletion of S3 object versions. Versioning must be enabled on the bucket, and only the root user, using the CLI with an MFA code, can turn MFA Delete on or permanently delete a version.

106
Q

Macie

A

PII (personally identifiable information). Uses ML and pattern matching to discover sensitive data in S3, raises alerts (findings) when it is found, and publishes them to EventBridge for automated remediation; also flags buckets that are public or unencrypted.

107
Q

System Manager Run Command

A

Multiple EC2 (and on-premises) instances. Run operations through the SSM Agent without SSH, such as deploying or patching third-party software.

Runs a custom command or script on all selected instances at once, for example to apply a patch, with the output and status reported per instance and the invocation recorded in CloudTrail.

108
Q

S3 Transfer Acceleration

A
  • ideally works with objects for long-distance transfer (uses Edge Locations)
  • can speed up content transfers to and from S3