AWS Solutions Architect - AWS Object Storage and CDN - S3, Glacier and CloudFront Flashcards
1
Q
True or False:
Termination Protection is turned on by default
A
False.
Termination Protection must be enabled, as it is not turned on by default.
2
Q
On an EBS-backed instance, the default action is for root EBS volume to be deleted when the instance in terminated
A
True
3
Q
EBS Root Volumes of your DEFAULT AMI’s can be encrypted
A
False.
EBS Root Volumes of your DEFAULT AMI’s cannot be encrypted. You can use a third party tool (such as bit locker etc) to encrypt the root volume, or this can be done when creating AMIs in the AWS console or using the API
4
Q
Additional Volumes cannot be encrypted.
A
False.
Additional Volumes can be encrypted.
5
Q
What does EC2 stand for?
A
Elastic Compute Cloud
6
Q
Which EC2 Option:
allows you to pay a fixed rate by the hour with no commitment?
A
On Demand
7
Q
Which EC2 Option:
Provides you with a capacity reservation and offer a significant discount on hourly charge for an instance. 1 to 3 year terms ?
A
Reserved
8
Q
Which EC2 Option:
enables you to bid whatever price you want for instance capacity, providing for even greater savings if your applications have flexible start and end times?
A
Spot
9
Q
Which EC2 Option:
offers physical EC2 servers dedicated for your use?
A
Dedicated Hosts
10
Q
Which EC2 Option:
should be used by users that want the low cost and flexibility of Amazon EC2 without any up-front payment or long-term commitment?
A
On Demand
11
Q
Which EC2 Option:
should be used for applications with short term, spiky, or unpredictable workloads that cannot be interrupted?
A
On Demand
12
Q
Which EC2 Option:
should be used for applications being developed or tested on Amazon EC2 for the first time?
A
On Demand
13
Q
Which EC2 Option:
should be used for applications with steady state or predictable usage?
A
Reserved
14
Q
Which EC2 Option:
should be used for applications that require reserved capacity?
A
Reserved
15
Q
Which EC2 Option:
should be used so users are able to make upfront payments to reduce their total computing costs even further?
A
Reserved
16
Q
Which EC2 Option:
should be used for applications with flexible start and end times?
A
Spot
17
Q
Which EC2 Option:
should be used for applications that are only feasible at very low compute prices?
A
Spot
18
Q
Which EC2 Option:
should be used by users with urgent computing needs for large amounts of capacity?
A
Spot
19
Q
Which EC2 Option:
is useful for regulatory requirements that may not support multi-tenant virtualization?
A
Dedicated Hosts
20
Q
Which EC2 Option:
is great for licensing which does not support multi-tenancy or cloud deployments?
A
Dedicated Hosts
21
Q
Which EC2 Option(s):
can be purchased On-demand (hourly)
A
On Demand and Dedicated Hosts
22
Q
Which EC2 Option:
can be purchased as a Reservation for up to 70% off the On-Demand price?
A
Dedicated Hosts
23
Q
If the Spot Instance is terminated by Amazon EC2, you are responsible to pay for the partial hour of usage.
A
False.
you will not be charged for the partial hour of usage if AWS terminates your ECS instance. You are responsible for the partial hour if YOU terminate it early.
24
Q
If you terminate a Spot instance yourself, you will be charged for any hour in which the instance ran
A
True
25
What is the result if the EC2 Spot price rises of above your submitted bid price?
Your instance will be terminated, and you will not be charged for the partial hour.
26
Which EC2 Instance Type:
| should be used as Fileservers / Data Warehousing / Hadoop?
Dense Storage (D2)
27
Which EC2 Instance Type:
| should be used for Memory Intensive Apps / DBs?
Memory Optimized (R4)
28
Which EC2 Instance Type:
| should be used as application servers
General Purpose (M4)
29
Which EC2 Instance Type:
| should be used for CPU intensive apps / DBs?
Compute Optimized (C4)
30
Which EC2 Instance Type:
| should be used for video encoding / 3D application streaming?
Graphics Intensive (G2)
31
Which EC2 Instance Type:
| should be used for NoSQL DBs, Data Warehousing, etc.
High Speed Storage (I2)
32
Which EC2 Instance Type:
| should be used for hardware acceleration for your code?
Field Programmable Gate Array (F1)
33
Which EC2 Instance Type:
| should be used for Web servers / Small DBs?
Lowest Cost, General Purpose (T2)
34
Which EC2 Instance Type:
| should be used for machine learning, Bit Coin Mining etc.?
Graphics/General Purpose GPU (P2)
35
Which EC2 Instance Type:
| should be used for SAP HANA/Apache Spark etc.?
Memory Optimized (X1)
36
What is the mnemonic for the EC2 Instance Types, and what does each letter stand for?
Mnemonic: DR Mc GIFT PX
```
D - for Density
R - for RAM
M - main choice for general purpose
C - for Compute
G - for Graphics
I - for IOPs
F - for FPGA (Field Programmable Gate Arrays)
T - cheap general purpose (think T2 Micro)
P - Graphics (think Pics)
X - Extreme Memory
```
37
What is the mnemonic for EC2 instance families?
Dr Mc Gift Px
38
Which EC2 family does the "D" represent in the mnemonic?
Dr Mc Gift Px
D: Density
39
Which EC2 family does the "R" represent in the mnemonic?
Dr Mc Gift Px
R: RAM
40
Which EC2 family does the "M" represent in the mnemonic?
Dr Mc Gift Px
M: Main choice (general purpose)
41
Which EC2 family does the "C" represent in the mnemonic?
Dr Mc Gift Px
C: Compute
42
Which EC2 family does the "G" represent in the mnemonic?
Dr Mc Gift Px
G: Graphics
43
Which EC2 family does the "I" represent in the mnemonic?
Dr Mc Gift Px
I: IOPS (I/O operations per second)
44
Which EC2 family does the "F" represent in the mnemonic?
Dr Mc Gift Px
F: FPGA (Field Programmable Gate Array)
NOT: Female Professional Golfers Association
45
Which EC2 family does the "T" represent in the mnemonic?
Dr Mc Gift Px
T: T2 Micro (cheap general purpose)
46
Which EC2 family does the "P" represent in the mnemonic?
Dr Mc Gift Px
P: Graphics (think Pics)
47
Which EC2 family does the "X" represent in the mnemonic?
Dr Mc Gift Px
X: eXtreme Memory
48
How many EBS Volume Types does AWS offer? Name them.
There are 5 Volume Types:
1) GP2 - General purpose SSD
2) IO1 - Provisioned IOPS SSD
3) ST1 - Throughput Optimized HDD (Magnetic Storage)
4) SC1 - Cold HDD
5) Magnetic (Standard)
49
Which EBS Volume Type is best for general purpose, balancing both price and performance?
General Purpose SSD (GP2)
50
Which EBS Volume Type provides a ratio of 3 IOPS per GB with up to 10,000 IOPS and the ability to burst up to 3000 IOPS for extended periods of time for volumes under 1GiB
General Purpose SSD (GP2)
51
Which EBS Volume Type is designed for I/O intensive applications such as large relational or NoSQL DBs?
Provisioned IOPS SSD (I01)
52
Which EBS Volume Type would you use should you require over 10,000 IOPS?
Provisioned IOPS SSD (I01)
53
What is the maximum IOPS that can be provisioned by each IO1 EBS Volume?
20,000
54
Which EBS Volume Type would be ideal for Big Data, data warehouses or log processing?
Throughput Optimized HDD (ST1)
55
True or False:
| ST1 EBS Volume Types are ideal for use as boot volumes?
False.
| Throughput Optimized HDD (ST1) cannot be used as boot volumes.
56
How many EBS Volume Types cannot be used as boot volumes? Name them.
Answer: 2
1) Throughput Optimized HDD (ST1)
2) Cold HDD (SC1)
57
Which EBS Volume Type provides the lowest cost storage for infrequently accessed workloads?
Cold HDD (SC1)
58
Which bootable EBS Volume Type has the lowest cost per GB?
Magnetic (Standard)
59
True or False:
Magnetic EBS Volumes are ideal for workloads where data is accessed infrequently, and applications where the lowest storage cost is important.
True
60
True of False:
| ST1 and SC1 are basically the same thing, however, ST1 is bootable whereas SC1 is not
False
| SC1 and Magnetic (Standard) are basically the same thing, but Magnetic is bootable, which SC1 is not.
61
What does EBS stand for?
Elastic Block Storage
62
True or False:
| You can mount 1 EBS volume to multiple EC2 instances
False.
| You cannot mount 1 EBS volume to multiple EC2 instances. Instead use EFS.
63
True or False:
| 1 EC2 instance can have multiple security groups
True
64
True or False:
| AMIs are virtual firewalls
False
| AMIs are Amazon Machine Images. Security Groups are virtual firewalls
65
True or False:
| Any modifications to a Security Groups require 24 hours to propagate to all servers.
False.
| Changes to security groups are immediate.
66
True or False:
| Security Group Rules are stateful, which means an outbound rule must be provided to allow traffic traffic back out again
False.
| Security Group Rules are stateful, but traffic is automatically allowed back out again. No outbound rules are required
67
True or False:
| Security Groups can be used to deny inbound traffic access to certain ports
False.
| Security Groups can only allow. All inbound traffic is denied by default.
68
True or False:
| A Security Group can have only a single EC2 instance.
False.
| You can have any number of EC2 instances within a security group.
69
True or False:
| You cannot block specific IP addresses using Security Groups.
True.
| Instead, use Network Access Control Lists.
70
What is the maximum S3 file size?
5 TB
71
What is the S3 storage maximum?
S3 storage is unlimited, but you will pay by the GB
72
S3 is a global namespace. How does this affect naming convention?
Bucket names must be unique globally
73
what is the S3 URL naming convention?
https: s3-[region].amazonaws.com/[bucket]
| e. g., https://s3-aws-west-2.amazonaws.com/acloudguru
74
If an S3 upload is successful, what HTTP code will you receive?
200
75
What is S3 data consistency model for new PUTS?
read after write (immediate after 1 ms)
76
What is the S3 data consistency model for overwrite PUTS and DELETEs?
eventual consistency
77
What are the 5 (+2 children) components of S3 Key Value objects?
1. Key
2. Value
3. Version ID
4. Metadata
5. Subresources
a. Access Control Lists (ACLs)
b. torrent
78
What percentage availability is S3 Standard designed for?
99.99%
79
Amazon guarantees 99.99% S3 availability.
False. AWS guarantees 99.9%
80
What is the x9 SLA guarantee for S3 information durability?
11 x 9s (99.999999999%)
81
What 2 ways can you use to secure your S3 data?
1. Access Control Lists (ACLs)
| 2. Bucket Policies
82
What are the properties of S3 standard storage class?
11 x 9s SLA. Stored Redundantly across multiple facilities. Can concurrently lose up to 2 facilities (AZs).
(durable, immediately available, frequently accessed)
83
What are the S3 storage classes?
1. S3 standard
2. S3 - IA (infrequent access)
3. S3 One Zone IA
4. Glacier
84
What are the properties of the S3 IA storage class?
For Infrequently Accessed data that requires instant access. Lower fee than S3 standard, but will require a retrieval fee.
(durable, immediately available, infrequently accessed)
85
What are the properties of the S3 One Zone IA storage class?
Like S3 IA (Infrequently Accessed) data that doesn't require multiple AZ data resilience. Is stored in a single Availability Zone (AZ). Lower fee than IA.
(cheaper than IA but one availability zone)
86
What the properties of the S3 Glacier storage class?
Glacier is the lowest cost storage tier, used for archival only. Standard, Expedited or Bulk.
(archived data, 3-5 hour wait before accessing)
Standard retrieval requires 3-5 hours
Expedited: within a few minutes (highest fee)
Bulk: 5-12 hours
87
What percentage availability is S3 Standard IA designed for?
99.9%
88
What percentage availability is S3 One Zone IA designed for?
99.5%
89
What percentage availability is S3 Glacier designed for?
N/A
90
Which S3 storage classes charge a retrieval fee?
All but S3 Standard:
* S3 Standard - IA
* S3 One Zone - IA
* S3 Glacier
91
How many S3 charges are there and what are they?
5 S3 Charges:
1. Storage
2. Requests
3. Storage Mgmt Pricing
4. Data Transfer Pricing
5. Transfer Acceleration
92
What is S3 Transfer Acceleration?
S3 Transfer Acceleration leverages Amazon's CloudFront globally distributed edge locations to easily, quickly and securely transfer data over long distances between end users and an S3 bucket.
93
S3 comprises block-based storage
False. S3 is object based, i.e., allows you to upload files up to 5 TB
94
Read the S3 FAQ before taking the exam
https://aws.amazon.com/s3/faqs/
95
True or False: By default, S3 buckets and all objects uploaded to are private
True. Objects have to be made public. From inside the S3 bucket, select the file and choose Actions > Make Public.
Ensure you've previously unchecked all boxes under "Edit public access settings" at the bucket level.
96
What are the three S3 Server Side Encryption (SSE) types?
1. SSE-S3 with Amazon S3 Managed Keys
2. SSE-KMS with Amazon Key Management Service (KMS)
3. SSE-C using Customer Provided Keys
97
What keyword must be typed to complete updating S3 Public Access Settings?
confirm
98
How do you restore a deleted S3 object?
Delete the Delete Marker
99
True or False: Once enabled, S3 versioning cannot be suspended, only disabled.
False. Once enabled S3 versioning cannot be disabled, only suspended.
100
S3 Versioning's MFA Delete capability can be used to provide an additional layer of security
True.
101
What is the aws CLI command to copy S3 files
aws s3 cp --recursive s3://[source] s3://[destination]
102
True or False: S3 replication replicates delete markers on files deleted from a source bucket.
False. S3 object deletes are not replicated.
103
True or False: All existing files in the source S3 Bucket are automatically replicated upon activation of replication on a destination S3 Bucket.
False
104
True or False: Daisy chaining can be used to replicate an S3 Bucket across multiple buckets
False. You cannot replicate across multiple buckets or use daisy chaining (at this time; maybe subject to change)
105
True or False: S3 Lifecycle Management only pertains to current S3 object versions
False. S3 Lifecycle Management can be enabled for both current and previous versions
106
What is a CloudFront Edge Location?
A location where content will be cached. Separate from a Region or AZ. Both Read/Write.
(Currently over 50 Edge Locations)
107
What is the term for a CloudFront CDN collection of Edge Locations?
A Distribution
108
What are the two type of CloudFront Distributions, and why is each used?
1. Web Distribution - used for web sites
| 2. Real-Time Messaging Protocol (RTMP) - used for media streaming
109
What are the 3 CloudFront components?
1. Edge Locations
2. Origin
3. Distribution
110
How long are CloudFront objects cached?
For the life of the specified Time-to-Live (TTL)
111
True of False: You can clear cached CloudFront objects, but you will be charged
True
112
What are the AWS S3 options for Encryption?
In transit: SSL/Transport Layer Security (TLS)
At Rest:
* Server Side Encryption:
* SSE-S3: S3 Managed Keys (most common)
- Advanced Encryption Standard (AES) 256-bit
* SSE-KMS: AWS Key Mgmt Service, Managed Keys
* SSE-C: Customer-provided Keys
* Client Side Encryption
113
What is AWS Storage Gateway?
A service that connects an on-premise software appliance with cloud-based storage seamlessly
114
What are the types of Storage Gateways?
4 Types:
1. File Gateway ((new!) NFS flat files. No on-prem)
Volumes Gateway (iSCSI block based)
2) Stored Volumes (entire dataset on-prem)
3) Cached Volumes (only recently accessed on-prem)
4. Tape Gateway (VTL uses popular backup apps like NetBackup, Backup Exec, Veeam, etc.)
115
What is an AWS snowball?
a secure petabyte-scale data transport appliance to transfer data into/out of AWS
116
compare and contrast the types of snowballs
1. Snowball: 80 TB capacity
2. Snowball Edge: 100 TB capacity + compute capability + Lambda. (A mini AWS Data center in a box)
3. Snowmobile (18-wheeler container) 100 Petabyte or Exabyte level data transfer/storage to AWS. Secure, fast, cost effective. Can transfer an entire DC in 6 months.
117
What is A Cloud Guru's recommended website to calculate IP address ranges?
CIDR.xyz
