AWS Practice Questions Flashcards
With Amazon S3, Standard Storage is designed to provide 99.999999999 percent durability and what percent availability?
99.99% availability of objects over a given year.
With HTTP and HTTPS traffic, what feature of an Application Load Balancer can be used to bind a user’s session to a specific instance?
Sticky Sessions
With which pricing model do you pay for compute capacity by the hour with no required minimum commitments?
On-Demand Instances
Your web application requires temporary authorization to use AWS services. Which IAM entity should be used?
Role
What is Amazon Inspector?
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices.
What is AWS Shield?
AWS Shield is a security service that protects web applications hosted on the Amazon Web Services public cloud against distributed denial of service (DDoS) attacks.
What is the difference between AWS Shield Standard vs AWS Shield Advnaced?
Higher level of protection, features, and benefits. For example, with Advanced, the user has access the Amazon 24 hour DDos response team.
What is Standard-Infrequent 99.9999999999% durability’s availability?
99.99%
What are the pillars of the Well-Architected Framework?
CORPS
Cost Optimization Operational Excellence Performance Efficiency Reliability Security
Which of the pillars of the Well-Architected framework is defined as the ability to run an monitor systems to deliver business value and to continually improve supporting processes and procedures?
Operational excellence
Which of the pillars of the Well-Architected framework is defined as the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies.
Security
Which of the pillars of the Well-Architected framework is defined as the ability to of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues.
Reliability
Which of the pillars of the Well-Architected framework is defined as the ability to use computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve.
Performance Efficiency
Which of the pillars of the Well-Architected framework is defined as the abilityto avoid or eliminate unneeded cost or suboptimal resources.
Cost optimization
What are the AWS Assurance/Compliance 3 Major Categories?
Certifications/Attestations
Laws, Regulations, and Privacy
Alignments/Frameworks
What are the major AWS Compliance Certifications to be aware of?
ISO 27001
PCI DSS Level 1
SOC 1
SOC 2
SOC 3
A _____ _____ is a check to see if your AWS infrastructure meets a given compliance standard. (I;E - even though AWS itself might, your infrastructure or application may not)
Gap Audit
What are the Important Compliance Laws, Regulations and Privacies (AWS adheres to these)?
HIPAA - Standard required to store health information
What are the most importan Compliance Alignments and Frameworks (AWS adheres to these)?
G-Cloud UK - Required for hosting government customers
What does “AWS Manages security of the cloud, security in the cloud is the responsibility of the customer.” mean?
Customers retain control of what security they choose to implement to protect their own content, platform, applications, systems and networks, no differently than they would in an on-site datacenter.
What is WAF?
Web Application Firewall
Protects from common web exploits that could
affect availability
compromise security
consume excessive resources
What is the difference between using Elastic Load Balancers with security groups as security vs using a WAF?
ELB/Security Groups secure protocols and ports (Layer 4)
WAF - Can actually read the data being sent (Layer 7)
What is AWS Shield?
Managed DDoS protection
safeguards web apps
always-on detection
enacts inline mitigations
What are the two tiers of AWS Shield?
Standard - free and comes by default
Advanced $3K/month
What is AWS Inspector?
Automated Security Assessment
Audits for vulnerabilities or deviation from best practices
Produces a lined report ordered by criticality
Installed on your EC2 instances
What is AWS Trusted Advisor?
Optimization guidance for your environment for
cost optimization
performance
security
fault tolerance
What are the two levels of AWS Trusted Advisor?
Core Checks and Recommendations (free)
Full Trusted Advisor - Business and Enterprise only
What is the AWS Cloud?
Amazon Web Services or AWS in short, is a bundled remote computing service that provides cloud computing infrastructure over the Internet with storage, bandwidth and customized support for application programming interfaces (API).
What is the AWS Value Proposition?
“AIFS”
Agility
Speed
Experimentation
Innovation
Elasticity Scale on demand
Eliminate wasted capacity
Flexibility
Broad set of products
Low to no cost to entry
Security
Amazon has acquired many certifications
Shared responsibility model
Which of the following allows you to bid on spare Amazon EC2 computing capacity?
Spot Instances
With EC2 instances, which of the following is a snapshot of a particular state of that resource?
Golden Image
Amazon S3 Storage Glacier is a long-term storage solution that currently starts at what rate per GB per month?
$0.004
Amazon S3 Storage Glacier is a long-term storage solution that currently starts at what rate per GB per month?
$0.004
Amazon EMR offers what type of managed framework to process large amounts of data across dynamically scalable Amazon EC2 instances?
Hadoop
With which pricing model do you pay for compute capacity by the hour with no required minimum commitments?
On-Demand Instances
Which of the following from Amazon is an interactive query service used to analyze data in Amazon S3 using standard SQL and serverless (so you pay for the queries that you run)?
Athena
With which of the following can you run code without provisioning or managing servers and pay only for the compute time consumed (there is no charge when the code is not running)?
AWS Lambda
Why is AWS more economical than traditional data centers for applications with varying compute workloads?
Amazon EC2 instances can be launched on-demand when needed.
Which AWS service would simplify migration of a database to AWS?
AWS Database Migration Service (AWS DMS)
Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment?
AWS Marketplace
Which AWS networking service enables a company to create a virtual network within AWS?
Amazon Virtual Private Cloud (Amazon VPC)
Which of the following is AWS’s responsibility under the AWS shared responsibility model?
A) Configuring third-party applications
B) Maintaining physical hardware
C) Securing application access and data
D) Managing custom Amazon Machine Images (AMIs)
B
Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery?
A) AWS Regions
B) AWS edge locations
C) AWS Availability Zones
D) Amazon Virtual Private Cloud (Amazon VPC)
B) AWS edge locations
How would a system administrator add an additional layer of login security to a user’s AWS Management Console?
Enable Multi-Factor Authentication
8) Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (Amazon EC2) instance is terminated?
A) Amazon CloudWatch
B) AWS CloudTrail
C) AWS X-Ray
D) AWS Identity and Access Management (AWS IAM)
B) AWS CloudTrail
Which service would you use to send alerts based on Amazon CloudWatch alarms?
A) Amazon Simple Notification Service (Amazon SNS)
B) AWS CloudTrail
C) AWS Trusted Advisor
D) Amazon Route 53
A) Amazon Simple Notification Service (Amazon SNS)
Where can a customer find information about prohibited actions on AWS infrastructure?
D) AWS Acceptable Use Policy
What are three EC2 Spot Instances use cases?
Applications that have flexible start times
Applications that are only feasible at very low compute prices
Users with urgent computing needs for a lot of additional capacity.