AWS Keyword Connect Flashcards
1
Q
Recommendation, guidance
A
Trusted Advisor
2
Q
Multi-account for enterprises through Account vending machine (AVM)
A
AWS Landing Zones (4 accounts)
3
Q
Automatic provision new accounts/ uses SSO via service catalog template
A
AVM
4
Q
Digital catalog of 1000’s of software listings. Independent vendors. Free/associated charge.
A
AWS marketplace (SaaS offering/CloudFormation templates/web ACL)
5
Q
Metadata for organizing AWS resources
A
Tag
6
Q
Collection of resources that share 1 or more tags
A
Resource Group
7
Q
Protects from web exploits. Attached to Cloudfront or ALB
A
AWS WAF
8
Q
Encrypting your encryption key
A
Envelope Encryption
9
Q
Ebs
Fully managed. Continuously monitors sensitive data access. Generates alerts for unauthorized access (uses ML)
A
Amazon Macie
10
Q
Create and control encryption keys to encrypt data
A
KMS (Key Management Service)
11
Q
Threat detection service (IDS). Use ML
A
GuardDuty
12
Q
Fully Managed
A
DynamoDB
13
Q
2 services
A
Role
14
Q
Minimum of 1 year
A
Reserved instance
15
Q
Eliminating as many security risks as possible
A
Hardening
16
Q
Runs security assessments benchmark audits 1 single ec2 instance
vulnerabilities
A
AWS Inspector
17
Q
Premade packages/templates for deployment of functional architecture in <1 hour
A
Quick start
18
Q
Authorized simulated attack to Evaluate the security of the system
A
Pentesting
19
Q
No cost/self-service for on-demand access to AWS compliance report. Audit
A
Artifact
20
Q
Managed DDoS protection. Route53 /CloudFront protection
A
AWS Shield
21
Q
Short period, unpredictable
A
On-Demand Instances
22
Q
All checks in trusted Advisor
A
Business, Enterprise
23
Q
7 core checks in Trusted Advisor
A
basic
24
Q
Secures EC2 Instances
A
Security Groups
25
number of services migrated
TCO (Total Cost Ownership)
26
Geographical Location
AWS Region
27
Data Center
AZ
28
Isolated section to launch AWS resources.
VPC
29
Enables access to the internet
Internet Gateway
30
Determines where network from subnet is directed
Route Table
31
API activity/call, traceability, account activity. Governance, compliance
CloudTrail
32
Service activity, health, performance metrics, monitor
CloudWatch
33
CDN (Content Distribution Network). Copy file to all distribution around the World. High transfer speed. Uses edge locations to cache content
CloudFront
34
Subnet security/firewall
NACL
35
Logical partition of IP network in small segments
Subnet
36
Firewall for instances
Security Group
37
Distribute loads across instance. If AZ is down, they distribute to next available one. Protects against DDOS
Elastic Load Balancer
38
Deploy and scale web apps. Health monitoring
Elastic Beanstalk
39
Config. Management service. Managed instances (chef, puppet)
OpsWorks
40
Flooding website with large amount of fake traffic
DDoS
41
Create/terminate instances
AWS Autoscaling
42
Best/manage monthly payment
Consolidated Billing
43
Plan your service usage/cost/instance reservation
| First 2 budgets free
AWS Billing
44
Visualize usage of consolidated billing
Cost Explorer
45
The more you use, the more you save
Volume discounts
46
Evaluate assess instance
AWS Inspector
47
Archive 40 terabytes
Glacier
48
Information about Prohibited actions
AWS Accepted Use Policy
49
Send notification/alerts/email. Uses email/text format. Subscribers, publishers, topic
SNS
50
Decouple/scale microservice distributed services. Places messages into a queue. Good for delayed tasks
SQS
51
Analyze/debug production/troubleshoot
X-Ray
52
Cost-effective, send email from app. Uses HTML
SES
53
Outbound inbound marketing campaign communication service
Pinpoint
54
Hybrid storage solution enables on-premises to use AWS cloud storage. Backup/archive/migration/disaster recovery
Storage gateway
55
Object level storage
S3
56
Analyze data in S3, serverless database for S3 query
Athena
57
enables AWS architects to manage infrastructure as code. JSON/YAML
CloudFormation
58
Manage EC2 capacity automatically/scale according to needs
| benefits: automated provisioning, adjustable capacity, launch template support
Autoscaling group
59
Function-run up to 15min
Lambda
60
Call Center
Amazon Connect
61
Virtual remote desktop
Workspaces
62
AWS version of Sharepoint/ collaboration service
WorkDoc
63
Online meeting/ video conferencing
Chime
64
Managed Business mail
Workmail
65
BI service. Data visual Connect multiple data sources no programming knowledge(ML)
Quicksight
66
Search Engine
Cloud search
67
Dedicated fiber optic connections from datacenter to AWS
Direct Connect
68
Elastic transcoder. Converts videos to # types
Media Connect
69
Apps built in EC2 classic network (layer 4 & 7)
CLB (Classic Load Bouncer)
70
TCP & TLS traffic. Ultra low latency. Sudden/volatile traffic (layer 4)
NLB (Network Load Bouncer)
71
HTTP HTTPS traffic. Routing rules (layer 7). Can attach WAF
ALB (Application Load Bouncer)
72
Provision required resources
Cloud Architecture principle of elasticity
73
Enterprise, primary contact for support needs
TAM
74
Report suspected resources(illegal/abusive)
Abuse Team
75
DNS in aws cloud
Route 53
76
route traffic to multiple resources in proportions that you specify?
Weighted route 53
77
Short term engagement with AWS support (enterprise)-new product
Infrastructure Event Management
78
- Personalized view of service health
| - Troubleshooting guidance
Personal health benefits
79
Cost-efficient/unpredictable access. Unlimited storage obj. 5tb/object
S3 Intelligent-tiering
80
Most frequently accessed data stored. App response time is optimal
Elastic Cache
81
Ability to remain functional even if some components fail
Fault tolerance system
82
RDS allowing data redundancy across regions/improve recovery
Read replica
83
Establish private network connection btw AWS and datacenter
Direct Connect
84
create a VPS (Virtual Private Server) on the cloud. No cloud experience
Amazon Lightsail
85
help customers design, architect, build, migrate, and manage their workloads and applications on AWS.
APN Consulting Partners
86
provide software solutions that are either hosted on or integrated with, the AWS platform
APN Technology Partners
87
shares a collection of offerings to help you achieve specific outcomes related to enterprise cloud adoption.
AWS Professional Services
88
Compliance, lower latency access, replication across accounts
Cross Region Replication (CRR)
89
Log aggregation, live replication btw production & test account
Same Region Replication (SRR)
90
Software to install on pc to manage snow family devices
opshub
91
-Bridge between on-premise data & S3 cloud data
Storage Gateway
92
In-memory database. Redis, memcached
Elasticache
93
Fully managed in memory cache for dynamoDB
DAX (DynamoDB Accelerator)
94
Analytics and data warehousing
OLAP (Online Analytical Processing)
95
Data for analytics, warehouse, columnar storage. MPP(massive parallel query execution)
Redshift
96
Create Hadoop(big data) analyze data. Supports apache, auscaling, ec2 instances
EMR (Elastic MapReduce)
97
Financial transaction, immutable(can’t remove/change entries) central
QLDB (Quantum Ledger Database)
98
Create apps to execute transaction decentralized. Hyperledger, ethereum
Amazon Managed Blockchain
99
Migrate data
Database Migration Service (DMS)
100
Extract transform load (ETL)
AWS Glue
101
Container technology Deploy/run applications
docker
102
Launch docker on AWS. Provision/maintain infrastructure
ECS (Elastic Container Service)
103
Docker-no provision-serverless
Fargate
104
Store docker images
ECR (Elastic Container Registry)
105
Serverless, create, publish, maintain secure API
API Gateway
106
Define infrastructure using code and transform in JSON/YAML to CloudFormation
CDK (Cloud Development Kit)
107
Deploy app automatically/ transition from on-premises to ec2
CodeDeploy
108
Store code in a repository. (AWS github)
CodeCommit
109
Build code in the cloud
CodeBuild
110
Orchestrate # STEPS TO HAVE CODE DEPLOYED
CodePipeline
111
Store & retrieve dependencies. Artifact management
CodeArtifact
112
Unify UI manage software dev in 1 place
CodeStar
113
Cloud IDE
Cloud9
114
Patch automation
| Run command across entire fleet
System Manager (SSM)
115
Increase transfer speed by transferring file to edge location
S3 Transfer Accelerator
116
create accelerators, direct traffic to optimal endpoints, improves the availability
and performance
Global Accelerator
117
Server racks. Customer responsible for security of infrastructure
Outposts
118
5G network
AWS Wavelength
119
Allow private subnet to connect to internet while remaining private
NAT Gateway
120
real-time big data streaming
Kinesis
121
Automated code review (using machine learning)
CodeGuru
122
Connect to VPC using a private network
VPC Endpoint
123
Vpc endpoint for S3 and DynamoDB
VPC Endpoint Gateway
124
VPC endpoint for rest of services (part from s3 & DynamoDB)
VPC Endpoint Interface
125
Patch management, configuration management, awareness & training
Shared Responsibility
126
Data stored/archived on a device
Data at Rest
127
Data moved from 1 location to another
Data in transit
128
Encrypt. AWS manages encryption keys
KMS (Key Management Service)
129
Encrypt. AWS provision encryption hardware
CloudHSM (Hardware Security Module)
130
HTTPS SSL/TLS Certificates
ACM (AWS Certified Manager)
131
Store and force rotation secrets
Secrets Manager
132
Audit/record compliance
Config
133
Central security tool across multi accounts
Security Hub
134
Investigate, identifies root cause of security issue
Amazon Detective
135
Recognize object, people, animals…
Rekognition
136
Automatically convert speech to text
transcribe
137
Turn text in speech
polly
138
Build conversational bots- chatbots
Lex
139
NLP(natural language Processing)
Amazon comprehend
140
Fully managed service for developers/data scientists to build ML models
Sagemaker
141
Use ML to forecast
forecast
142
Document search service
kendra
143
ML to build real time recommendations
personalize
144
```
Manage multiple accounts
Consolidated billing
Aggregated usage
Automate aws account creation
Restrict account privileges => scp (service control policies)
```
Organization
145
Set u/govern a multi account environment
Control Tower
146
Reduce cost & improve performance by providing recommendation
Compute Optimizer
147
Estimate cost for a solution architecture
Simple Monthly Calculator/ pricing calculator
148
Create temp., limited credentials to access AWS resources
STS (Security Token Service)
149
Identity for web mobile app users
Amazon Cognito
150
Multiple accounts and 3rd party bus. app
SSO
151
Eliminate management of on-premises. DAAS(desktop as service)
Amazon Workspace
152
Stream an app to any computer from a web browser
Appstream 2.0
153
VR, AR, 3D apps
Sumerian
154
Convert media files in s3 into media files format that consumer can use
Elastic Transcoder
155
Test web/mobile apps against desktop browsers
Device Farm
156
Manage and automate backups
AWS Backup
157
Quickly & easily recover servers in AWS
Cloud Endure
