AWS Service Definitions Quiz Flashcards by Louis Saffice

What is a comprehensive cloud platform delivering on demand, online technology services?

AWS Amazon Web Services

How well did you know this?

Not at all

Perfectly

What is a building or space dedicated to housing many computers called?

datacenter

How well did you know this?

Not at all

Perfectly

What AWS service manages the physical hardware;
you control everything else?
You have the most control. All you get is the space and an Operating System.

Infrastructure as a Service (IaaS)

How well did you know this?

Not at all

Perfectly

What type of cloud computing is when STANDARD software is provided and configured as needed?
The software is ready to go, and you don’t have access to the infrastructure. Examples: Elastic Beanstalk, Cloud Formation, Lambda, RDS, S3.

Platform as a Service (PaaS)

How well did you know this?

Not at all

Perfectly

What type of Cloud computing is where pre-packaged software is provided “as-is” by the vendor?
Email, chat clients, apps, etc… Some examples are: WhatsApp, Google Maps, DocuSign, Slack.

Software as a Service (SaaS)

How well did you know this?

Not at all

Perfectly

What Cloud is your home unit?

You own the hardware and the software, you do the updates, you maintain security.

On-Premise cloud

How well did you know this?

Not at all

Perfectly

What Cloud service is where you rent space on a cloud? You continue to maintain your on-premise equipment and software, but now you have, for example, a storage locker to help your on-premise capacity.

Hybrid Cloud

How well did you know this?

Not at all

Perfectly

What Amazon service is where the host handles most of your needs?
Like a maid service that handles all of your needs, but you still own and run the web application.

Amazon Cloud

How well did you know this?

Not at all

Perfectly

What is defined as a separate geographical area?

Region

How well did you know this?

Not at all

Perfectly

What are multiple isolated locations within each Region?

Availability Zones

How well did you know this?

Not at all

Perfectly

What is defined as areas that provide you the ability to place resources, such as compute and storage, in multiple locations closer to your end users?
These are often located near large population centers.

Local Zones

How well did you know this?

Not at all

Perfectly

What is defined as locations between regions that serve as a content delivery network (CDN), or caches, so that content is closer to users in areas that are far from regions?

Edge Locations

How well did you know this?

Not at all

Perfectly

What zones enable developers to build applications that deliver ultra-low latencies to mobile devices and end users? It also deploys standard AWS compute and storage to the edge of telecommunication carriers’ 5G networks.

Wavelength Zones

How well did you know this?

Not at all

Perfectly

What is defined as a fully managed service that extends AWS infrastructure, services, APIs, and tools to customer premises?
It is a pool of AWS compute and storage capacity deployed at a customer site. AWS operates, monitors, and manages this capacity as part of an AWS Region.

AWS Outposts

How well did you know this?

Not at all

Perfectly

What is defined as a telecommunications cable owned by a company?

Network Line

How well did you know this?

Not at all

Perfectly

What is defined as “When an object is updated in S3 by many users across the availability zones, the object that is wrote last will be the one that all other copies become”?

Eventual Consistency

How well did you know this?

Not at all

Perfectly

What are the Five Pillars of the Framework?

Operational Excellence
Security
Reliability
Performance Efficiency
Cost Optimization

How well did you know this?

Not at all

Perfectly

What user is defined as a single sign-in identity that has complete access to all AWS services and resources in an account?

Root User

How well did you know this?

Not at all

Perfectly

What is a 20 digit alphanumeric key?

Access Key

How well did you know this?

Not at all

Perfectly

What kind of policies are standalone policies that are created and administered by AWS, and are designed to provide permissions for many common use cases?

AWS Managed Policies

How well did you know this?

Not at all

Perfectly

What kind of POLICY is stuck to, or embedded into, an IAM identity?

Inline Policy

How well did you know this?

Not at all

Perfectly

What is defined as a job identifier in terms of Identity and Access Management?

a Role

How well did you know this?

Not at all

Perfectly

What is defined as the creation of a trust relationship between an external identity provider and AWS, like Facebook?

Federation

How well did you know this?

Not at all

Perfectly

What kind of account do you use to create the organization, can issue an Invitation, and is responsible for paying all charges that are accrued by the member accounts?

Management Account

How well did you know this?

Not at all

Perfectly

What is it called when you ask a stranger's account to join your organization's account?

Invitation

What policy specifies the services and actions that users and roles can use within accounts?

Service Control Policies (SCP)

What list type assumes that all actions are denied?

Allow List

What list type assumes that all actions are accepted?

Deny list

What policy do you use to configure and deploy backup plans for your resources? What policies automate backup management?

Backup Policy

What type of policy helps you standardize tags across resources across all of the accounts in your organization?

Tag Policy

What has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time explorer?

AWS Cost Explorer

Which BUDGET monitors your COSTs against a specified dollar amount and sends alerts when your user-defined thresholds are met?

Cost budget

Which BUDGET plans how much you want to USE on one or more services?

Usage budget

Which BUDGET lets you define a USAGE threshold and receive alerts when the usage falls below that threshold?

``` Reserved Instance (RI) Utilization Budgets or Savings Plans Utilization Budgets ```

Which BUDGET lets you receive alerts when the number of instance hours falls below a certain threshold coverage?

``` Reserved Instance (RI) Coverage Budgets or Savings Plans Coverage Budgets ```

What is the name of a fully managed messaging service for both application-to-application (A2A) and application-to-person (A2P) communication?

Amazon Simple Notification Service (SNS)

What can you use to explore AWS services and calculate the cost of your use cases on AWS?

AWS Pricing Calculator

What storage class is general purpose storage?

S3 Standard storage

What stores objects in different storage tiers depending on the objects' usage?

S3 Intelligent-Tiering storage

What service is for storage of data that is accessed less frequently, but requires rapid access when needed?

S3 Standard-Infrequent Access storage

What service is for storage of data that is accessed less frequently, but requires rapid access when needed, but it is stored only in one AZ?

S3 One Zone-Infrequent Access storage

What service is for secure, durable, low-cost storage for data archiving?

S3 Glacier storage

What service is for low-cost storage and long-term retention and digital preservation for data that may be accessed once or twice in a year?

S3 Glacier Deep Archive storage

What is defined as a set of rules that define actions that Amazon S3 applies to a group of objects, so that you can either transition to another storage class or delete expired objects?

S3 Lifecycle management

What can you use to monitor access patterns in order to help you decide when to transition the right data to the right storage class?

S3 Storage Class Analysis

What tool will help you to make a cost estimate that fits your unique business needs?

Pricing Calculator

What feature allows you to add your own code to S3 GET requests to modify and process data as it is returned to an application?

Amazon S3 Object Lambda

What do you use to easily preserve, retrieve, and restore every version of an object stored in S3, allowing you to recover from unintended user actions and application failures?

S3 Versioning

What can you use to prevent accidental deletions?

Multi-Factor Authentication (MFA) Delete

What can be used to replicate objects to one or more destination buckets into the same or different AWS Regions?

S3 Replication

What can be used to replicate from a source S3 bucket to one or more destination buckets in different AWS Regions?

S3 Cross-Region Replication (CRR)

What can replicate objects between buckets in the same AWS Region?

S3 Same-Region Replication (SRR)

What can help you meet compliance requirements for data replication by providing a Service Level Agreement (SLA) and visibility into replication times?

S3 Replication Time Control

What can you use to ensure data is not deleted for a specified time period?

S3 Object Lock

``` What Reports show usage and Costs aggregated by your buckets? x x x x x x x x x x x C A R ```

AWS Cost Allocation Reports

What can you use to track the operational health of your AWS resources?

Amazon CloudWatch

What tracks and reports on buckets-level and object-level activities?

AWS CloudTrail

What can you configure to trigger workflows, alerts, and invoke AWS Lambda when a specific change is made to your S3 resources?

S3 Event Notification

What provides a single view of object storage usage and activity across all accounts in an organization, with drill-downs to generate insights at all levels?

S3 Storage Lens

What can observe and analyze data access patterns to help you determine when to transition less frequently accessed storage to a lower-cost STORAGE CLASS?

S3 Storage Class Analysis

What controls access to individual objects to individual users?

ACL Access Control List

What configures permissions for all objects within a single S3 bucket?

Bucket Policies

What grants time-limited access to others with temporary URLs?

Query String Authentication

What can you use to check the encryption status of your S3 objects?

S3 Inventory

What can you use to protect your buckets from the public?

S3 Block Public Access

What S3 service alerts you to S3 buckets that are configured to allow access to anyone on the internet or other AWS accounts, including accounts outside of your organization?

Access Analyzer for S3

What Amazon tool uses machine learning and pattern matching in order to discover and protect sensitive data stored in Amazon S3?

Amazon Macie

What provides private connectivity between Amazon S3 and on-premises?

AWS PrivateLink for S3

What can you use to query your data in S3 without needing to extract and load it into a separate service or platform?

Amazon Athena

What can you use to query more data than Amazon Athena?

Amazon Redshift Spectrum

What data transfer method can be used for hybrid cloud storage?

AWS Storage Gateway

What do you use to transfer data online to AWS?

AWS DataSync

What family of tools provide fully managed, simple and seamless file transfer to Amazon S3 using SFTP, FTPS, and FTP?

AWS Transfer Family

What can you use to enable fast transfers of files over long distances between your client and your Amazon S3 bucket?

Amazon S3 Transfer Acceleration

What can you use to transfer 8 TB of data offline to S3?

AWS Snowcone

What can you use to transfer 80 TB of data offline to S3?

AWS Snowball

What can you use to transfer 100 PB of data offline to S3?

AWS Snowmobile

What allows you to upload a single object as a set of parts? (a single object is broken into many parts, stored, and then assembled in the correct order to recreate the object)

Multipart upload

What can you use for faster transfers?

Amazon S3 Transfer Acceleration

Which service can a Cloud Practitioner use to configure custom cost and usage limits and enable alerts for when defined thresholds are exceeded?

AWS Budgets

What is a type of database that stores information where a significant amount of the value is the relationship between the data points?

graph database

What is a service that allows you to assess, audit, and evaluate the configuration of individual resources?

AWS Config

Which AWS support plan comes with a Technical Account Manager (TAM)?

Enterprise

What is an easy to use, high-performance, block-storage service designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction intensive workloads at any scale?

EBS Ephemeral Storage

Which routing policy is used when you want to route traffic based on the location of your resources and, optionally, shift traffic from resources in one location to resources in another?

Geoproximity routing

What is an interactive query service used to analyze data within S3?

Amazon Athena

What policies are standalone policies that you administer in your own AWS account?

Custom Managed Policies

What role is a role that a service assumes to perform actions in your account on your behalf?

AWS Service Role

What allows you to grant additional roles for up to one hour at a time?

Role Chaining

What is defined as the creation of a trust relationship between an external identity provider and AWS?

Federation

What is defined as an entity that you create to consolidate your AWS accounts so that you can administer them as a single unit?

Organization

What is the parent container for all the accounts for your organization?

Root

What is a container for accounts within a root?

Organization Unit (OU)

What is defined as a standard AWS account that contains your AWS resources and the identities that can access those resources?

Account

What is defined as a policy that specifies the services and actions that users and roles can use within accounts?

Service Control Policy (SCP)

What list assumes denial of everything?

Allow List

What list assumes allowance of everything?

Deny List

What is a policy that let’s you opt-out of AI services?

Artificial Intelligence (AI) services opt-out policy

What policy allows you to configure and deploy backup plans for your resources?

Backup Policy

What kind of policy helps you standardize tags across resources across all of the accounts in your organization?

Tag Policy

``` What is an easy-to-use interface that lets you explore, visualize, understand, and manage your AWS costs and usage over time? it includes reports, time periods can be set, filters are provided to look deeper, you can use the forecasting tool, and save reports as records? x x x x x Cost Explorer ```

Cost Explorer

What allows you to: Set usage limits to stay on budget Set limits to stay within the free tier Allow monthly budget increases in increments that you set Receive an alert when your budget has reached its limit through Amazon Simple Notification Service (SNS)

AWS Budgets

What can you use to monitor your estimated AWS charges?

Amazon CloudWatch

What is triggered when your account billing exceeds the threshold you specify?

Billing Alarm

What service do you use to pay your AWS BILL, monitor your usage, and analyze and control your COSTs?

AWS Billing and Cost Management

What is a fully managed messaging service for both application-to-application and application-to-person communication?

Amazon Simple Notification Service (Amazon SNS)

What allows you to calculate cost by month or year?

TCO Total Cost of Ownership

What tool shows you how much you pay for a la carte services over a specified time period? P C

AWS Pricing Calculator

What is the AWS solution for Object storage?

Simple Storage Service (S3)

What exists in a datacenter, and is copied to 2 other AZ's?

Buckets

What service allows you to send your files over AWS internet lines instead of the sending your files over the regular internet?

Transfer Acceleration

What service allows you to copy your files and replicate the files in a different Amazon region?

Cross Region Replication

What kicks in if your storage and services didn’t meet certain minimums for a charging period?

Service Level Agreement (SLA)

What is defined as moving files from one storage class to another? Files are moved from the more expensive storage to the less expensive storage.

Life Cycle Management

What service preserves previous versions of files after overwrites? This allows you to recall earlier versions of files.

File Versioning

What service prevents files from being deleted?

Object Lock

What is the smallest member of the snow family and provides offline transfer of data? Fits in your mailbox. 2 CPUs, 4 GB Ram, 8 TB storage.

Snowcone

What is the second size of the snow family and provides offline transfer of data?

Snowball

What is the largest size of the snow family and provides offline transfer of data?

Snowmobile

What is Amazon's Content Delivery Network service for S3, and caches data in Edge Locations?

AWS CloudFront

What is defined as the amount of time a cached file gets to exist until it is reevaluated against the origin, and if there is a difference in the files, the cached files are updated from the origin?

Time to Live

What is defined as a collection of data items with relationships between them?

Relational Database

What database is made by Amazon and is their fastest?

Aurora

What are three open source databases on AWS?

PostgreSQL MySQL MariaDB

What is a key-value and document database that delivers single-digit millisecond performance at any scale?

DynamoDB

What query service allows you to combine exabytes of structured and semi-structured data across your warehouse, operational database, and data lake using standard SQL?

Redshift

What service is a purpose-built, high-performance graph database engine optimized for storing billions of relationships and querying the graph with milliseconds latency?

Neptune

What is a language for Application Programming Interfaces (APIs) that enables you to query and manipulate data easily through an intuitive and flexible syntax? It also makes it possible for you to access many sources in a single request, reducing the number of network calls and bandwidth requirements, therefore saving battery life and CPU cycles consumed by your applications.

GraphQL

What type of database features entries and values that can all be distinct?

Key Value Database

What type of database features a hierarchy of documents?

Document database

What type of database features data that is organized by the relationships of the data within graphs?

Graph database

What is defined as a central repository of information that can be analyzed to make more informed decisions?

Data warehouse

What are the three tiers of data warehouse architecture?

Top tier Middle tier Bottom tier

What data warehouse tier is the front-end client that presents results through reporting, analysis, and data mining tools?

Top Tier

What data warehouse tier holds the analytics engine that is used to access and analyze the data?

Middle Tier

What data warehouse tier is the database server, where data is loaded and stored?

Bottom Tier

What Amazon service serves as a read only copy of your relational database?

Amazon Relational Database Service (RDS) Read Replica

What Amazon service helps deploy, maintain and scale Redis and Memcache HD database caching engines?

AWS Elasticache

What are the two cache service options within AWS ElastiCache?

Redis | Memcache HD

What is defined as a high-speed data storage layer which stores a subset of data, typically transient in nature, so that future requests for that data are served up faster than is possible by accessing the data’s primary storage location?

Caching

What Amazon service provides resizable compute capacity in the cloud?

Elastic Cloud Compute (EC2)

What is defined as hardware with power connectors and cables for networking?

Servers

What Amazon service is a: 1. core Infrastructure as a Service (IaaS) Amazon service. 2. Can be used on demand with no commitments 3. Can be resized and customized as needed. 4. Barebones, no other software is involved.

Electronic Compute Cloud (EC2)

What Amazon service is defined as an easy-to-use, scalable, high-performance block-storage service designed for Amazon Elastic Compute Cloud (EC2).

Amazon Elastic Block Store

What is the default storage type in EC2? (they work hand-in-hand)

Elastic Block Storage (EBS)

What storage type (type of drive) is best for relational databases?

Solid State Drive (SSD)

What storage type is best for streaming Input/Output?

Hard Drive (HDD)

What type of storage is fast, temporary storage? It is physically attached to the host computer. It is ephemeral, like RAM. It works as long as the instance is running, and the stored data disappears when the instance is terminated.

Instance Store

What is defined as a case or occurrence of anything? In computer technology, this could be an animal, but not the class of animal.

an Instance

What Amazon service is defined as a web service that provides secure, resizable compute capacity in the cloud? It is designed to make web-scale cloud computing easier for developers.

Elastic Compute Cloud

What Amazon service is defined as an easy to use, high-performance, block-storage service designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction intensive workloads at any scale?

Elastic Block Store

What Amazon service provides temporary block-level storage for your instance? This storage is located on disks that are physically attached to the host computer.

Amazon EC2 Instance Store

What Amazon service will scale your instances based on demand or conditions that you define?

Elastic Cloud Compute (EC2) Auto Scaling

What are three types of scaling?

Dynamic Scaling Predictive scaling Scheduled scaling

What Amazon service will get your projects up and running quickly and will get all the resources you need?

Elastic Beanstalk

What Amazon service gives you Servers, storage, databases, and networking and is best used for Simple web applications, Websites, and Dev/test environments?

Amazon Lightsail

``` What Amazon service gives you an easy way to model a collection of related AWS and third-party resources, provision them quickly and consistently, and manage them throughout their lifecycles, by treating infrastructure as code? x x x x x x x x Like forming a cloud ```

AWS CloudFormation

What Amazon service is a solution that helps customers quickly set up a secure, multi-account AWS environment based on AWS best practices? quickly set up an environment

Amazon Landing Zone

``` What Amazon service offers automated reference deployments built by AWS solutions architects and AWS Partners? x x x x x x x x x x x Amazon Q S ```

Amazon Quick Starts

What AWS service is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS?

AWS Marketplace

What AWS service is a serverless compute service that lets you run code without provisioning or managing servers, creating workload-aware cluster scaling logic, maintaining event integrations, or managing runtimes?

AWS Lambda

Name 5 AWS services that run serverless DASSL

``` DynamoDB Aurora Simple Notification Service (SNS) Simple Queue Service (SQS) Lambda ```

What AWS service is a MySQL and PostgreSQL-compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases?

Amazon Aurora

Which AWS service is a highly available and scalable cloud Domain Name System web service? It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet application by translating names like www.example.com into the number IP addresses like 192.0.2.1, that computers use to connect to each other?

Amazon Route 53

Which routing policy is for a single source?

Simple Routing Policy

What routing policy do you use when you want to configure active-passive failover?

Failover Routing Policy

What routing policy do you use when you want to route traffic based on the location of your users?

Geolocation routing policy

What routing policy do you use when you want to route traffic based on the location of your resources and, optionally, shift traffic from resources in one location to resources in another?

Geoproximity routing policy

What routing policy do you use when you have resources in multiple AWS Regions and you want to route traffic to the Region that provides the best latency with less round-trip time?

Latency routing policy

What routing policy do you use when you want Route 53 to respond to DNS queries with up to eight healthy records selected at random?

Multivalue answer routing policy

What routing policy do you use to route traffic to multiple resources in proportions that you specify?

Weighted routing policy

What do you create when you do these: 1. Provide an IP address or domain name that you want Route 53 to check. 2. Provide the protocol that you want Route 53 to use to perform the check: HTTP, HTTPS, or TCP. 3. Provide a request interval (how often do you want this check to happen?) 4. How many failures in a row must occur before Route 53 considers the website unhealthy? 5. Do you want to be notified?

Health Check

What Amazon service automatically distributes incoming application traffic across multiple targets, such as Amazon ECs instances, containers, IP addresses, Lambda functions, and virtual appliances?

Elastic Load Balancing

``` Name the 4 types of AWS Load Balancers. x x x x x x x x x x x x GANC ```

Gateway Load Balancer Application Load Balancer Network Load Balancer Classic Load Balancer

What Load Balancer is: 1. Best suited for HTTP and HTTPS 2. Provides advanced request routing targeted at the delivery of modern apps 3. Routes traffic to targets within Amazon Virtual Private Cloud (VPC) based on the content of the request

Application Load Balancer

What Load Balancer is: 1. Best suited for Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Transport Layer Security (TLP) traffic where extreme performance is required. 2. Capable of handling millions of requests per second while maintaining ultra-low latencies.

Network Load Balancer

What Load Balancer: 1. receives traffic. 2. sends traffic to a healthy and available virtual appliance. 3. Traffic is inspected and either forwarded back to GWLB or dropped. 4. sends traffic to the destination appearing unchanged. 5. The process goes exactly in reverse back to the source.

Gateway Load Balancer

What Load Balancer provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level?

Classic Load Balancer

What AWS service does this describe: A service that lets you launch AWS resources in a logically isolated virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.

Virtual Private Cloud

What is defined as a system that tells VPC how to route packets?

Route Table

What is a service that provides a block to outside sources to enter your AWS VPC and will let you request information from the internet and let responses come in? BUT, no other traffic comes in to your VPC.

NAT Gateway | Network Address Translation

What is defined as a range of IP addresses in your VPC?

Subnet

What is defined as a set of rules, called routes, that are used to determine where network traffic is directed?

Route Table

What is defined as a gateway that you attach to your VPC to enable communication between resources in your VPC and the internet?

Internet Gateway

What enables you to privately connect your VPC to supported AWS services and VPC ENDPOINT services powered by PrivateLink without requiring an internet gateway?

VPC Endpoint

What is defined as an internet protocol address allocation and route aggregation methodology?

Classless Inter-Domain Routing Block | CIDR Block

What is defined as an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. You might set these up with rules similar to your security groups in order to add an additional layer of security to your VPC?

Network Access Control List (NACL)

What is defined as a set of rules, called routes, that are used to determine where network traffic from your subnet or gateway is directed?

Route Table

What is defined as the route table that automatically comes with your VPC? It controls the routing for all subnets that are not explicitly associated with any other route table?

Main Route Table

What is defined as a route table that you create for your VPC?

Custom Route Table

What is defined as a route that’s associated with a subnet?

Subnet route table

What is defined as a route that’s associated with an internet gateway or virtual private gateway?

Gateway route table

What is defined as a route table that’s associated with an Outposts local gateway?

Local gateway route table

What allows a virtual private gateway to automatically propagate routes to the route tables?

Propagation

What is defined as a default route for communication within the VPC?

Local Route

What is defined as a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses?

VPC peering connection

What is defined as a monitoring tool that let’s us see how we are running and what the metrics are?

CloudWatch

What is defined as an auditing tool, and it let’s you see what everyone has done within our system?

CloudTrail

What Amazon service is: 1. a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT manager, 2. provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health, 3. collects monitoring and operational data in the form of logs, metrics, and events, providing you with a unified view of AWS resources, applications, and services that run on AWS and om-premises servers, 4. enables you to set alarms and automate actions based on either predefined thresholds, or on machine learning algorithms that identify anomalous behavior in your metrics

CloudWatch

``` What Amazon service provides the metrics of: Disk Read Ops Disk Write Ops Disk Read Bytes Disk Write Bytes Metadata No Token Network In Network Out Network Packets In Network Packets Out ```

CloudWatch

What Amazon service provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services?

CloudTrail

What Amazon service is defined as an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL?

Athena

What Amazon service is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS?

Macie

What Amazon service helps protect your web applications or APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources and gives you control over how traffic reaches your applications by enabling you to create security rules that control bot traffic and block common attack patterns, such as SQL injection or cross-site scripting?

AWS Web Application Firewall

What Amazon service is a defense against common, frequently occurring network and transport layer DDoS attacks that target your website or applications?

AWS Shield

What are the two tiers of AWS Shield?

Standard | Advanced

What Amazon security service gives you fine-grained control over the web requests that your protected resource responds to?

Web Access Control List

What firewall is a false front that acts as the face of the application?

Proxy Firewall

What firewall allows or blocks traffic based on state, port or protocol? It monitors all activity from the opening of a connection until it is closed.

Stateful Inspection Firewall

What firewall combines a Stateful Inspection Firewall with intrusion prevention and antivirus? It may also include additional services and often Cloud management.

Unified Threat Management Firewall

What firewall includes: • Standard firewall capabilities • Integrated intrusion prevention • Application awareness and control to see and block risky apps • Upgraded paths to include future information feeds • Techniques to address evolving security threats

Next-Generation Firewall (NGFW)

What firewall includes: all of NGFW and: • Know which assets are most at risk • Quickly react to attacks with intelligent security automation that sets policies and hardens your defense dynamically • Better detect evasive or suspicious activity with network and endpoint event correlation • Greatly decrease the time from detection to cleanup with retrospective security that continuously monitors for suspicious activity and behavior even after initial inspection • Ease administration and reduce complexity with unified policies that protect across the entire attack continuum

Threat-Focused NGFW

What firewall is typically deployed as a virtual appliance in a private cloud or public cloud to monitor and secure traffic across physical and virtual networks?

Virtual Firewall

What Amazon resource provides on-demand access to past AWS’ security and compliance reports and select online agreements, and includes: • Service Organization Control (SOC) reports, • Payment Card Industry (PCI) reports • Certifications from accreditation bodies that validate AWS security controls

AWS Artifact

What Amazon service is: • A threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3. • Uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats • Integrate with Amazon CloudWatch Events for alerts that are actionable, easy to aggregate across multiple accounts, and straightforward to push into existing event management and workflow systems

Amazon GuardDuty

What Amazon service provides recommendations that help you follow AWS best practices by identifying ways to optimize your AWS infrastructure, improve security and performance, reduce costs, and monitor service quotas?

AWS Trusted Advisor

What Amazon service is: • An automated security assessment service that helps improve the security and compliance of applications deployed on AWS • Automatically assesses applications for exposure, vulnerabilities, and deviations from best practices • After an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity.

Amazon Inspector

What Amazon service is: • A service that enables you to assess, audit, and evaluate the configurations of your AWS resources • Continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations • Enables you to inventory your AWS resources, the configurations of your AWS resources, as well as software configurations within EC2 instances • Amazon Simple Notification System can be set to send you a notification when changes to configurations are made

AWS Config

What Amazon service is: intended for sending messages to subscribers who subscribe to and receive notifications, notifications can be sent over http, texts, and can also be emails, doesn't support multimedia content?

Simple Notification Service

What Amazon service is: intended for applications that need to send communications via email, supports custom email headers, supports multimedia content?

Simple Email Service

What are the Five Pillars of the Framework?

1. Operational Excellence 2. Security 3. Reliability 4. Performance Efficiency 5. Cost Optimization

What Pillar includes the ability to support development and run workloads effectively, gain insight into their operations, and to continuously improve supporting processes and procedures to deliver business value?

Operational Excellence Pillar

What Pillar involves the ability to protect data, systems, and assets to take advantage of cloud technologies to improve your security?

Security Pillar

What Pillar involves: • The ability of a workload to perform its intended function correctly and consistently when it’s expected to. • The ability to operate and test the workload through its total lifecycle

Reliability Pillar

What Pillar involves: • The ability to use computing resources efficiently to meet system requirements • To maintain that efficiency as demand changes and technologies evolve

Performance Efficiency Pillar

What Pillar involves the ability to run systems to deliver business value at the lowest price point?

Cost Optimization Pillar

What Model involves security of the infrastructure and security of the customer's systems?

Shared Responsibility Model

What are three premium AWS support plans?

Developer Business Enterprise

What service is a workflow service for building scalable, resilient applications?

Simple Workflow Service

What is defined as a secure and resilient service that uses hardware security modules to protect your keys? It is integrated with AWS CloudTrail to provide you with logs of all key usage.

Key Management Service

What AWS network feature can establish a private network connection between AWS and your datacenter?

AWS Direct Connect

What tool can you use to control multiple AWS services from the COMMAND LINE and automate them through scripts?

Command Line Interface (CLI)

What service is a flexible and scalable outbound and inbound marketing communications service?

Amazon Pinpoint

What service helps enterprise customers plan migration projects by gathering information about their on-premises data centers?

AWS Application Discovery Service

How do I report abuse of AWS resources?

AWS Trust and Safety Team | AWS Abuse Team

What provides the information required to launch an instance?

Amazon Machine Images | AMI

What is defined as a fully managed, petabyte-scale data warehouse service in the cloud?

Amazon Redshift

What service is a networking service that improves the performance of your users’ traffic by up to 60% using Amazon Web Services’ global network infrastructure?

AWS Global Accelerator

What is defined as a label that you assign to an AWS resource? Each one consists of a key and an optional value, both of which you define.

Tag

What can you use as a common file system for multiple EC2 instances?

Amazon Elastic File System

What Network is the global community of Partners who leverage Amazon Web Services to build solutions and services for customers?

AWS Partner Network

What program supports companies that want to provide solutions to common AWS problems?

APN Consulting Partners

What should an IAM user provide to interact with AWS services using the AWS CLI?

Access Keys