AWS Solutions Architect - AWS Object Storage and CDN - S3, Glacier and CloudFront

Question 1

True or False:

Termination Protection is turned on by default

Answer 1

False.

Termination Protection must be enabled, as it is not turned on by default.

Question 2

On an EBS-backed instance, the default action is for root EBS volume to be deleted when the instance in terminated

Answer 2

True

Question 3

EBS Root Volumes of your DEFAULT AMI’s can be encrypted

Answer 3

False.
EBS Root Volumes of your DEFAULT AMI’s cannot be encrypted. You can use a third party tool (such as bit locker etc) to encrypt the root volume, or this can be done when creating AMIs in the AWS console or using the API

Question 4

Additional Volumes cannot be encrypted.

Answer 4

False.

Additional Volumes can be encrypted.

Question 5

What does EC2 stand for?

Answer 5

Elastic Compute Cloud

Question 6

Which EC2 Option:

allows you to pay a fixed rate by the hour with no commitment?

Answer 6

On Demand

Question 7

Which EC2 Option:
Provides you with a capacity reservation and offer a significant discount on hourly charge for an instance. 1 to 3 year terms ?

Answer 7

Reserved

Question 8

Which EC2 Option:
enables you to bid whatever price you want for instance capacity, providing for even greater savings if your applications have flexible start and end times?

Answer 8

Spot

Question 9

Which EC2 Option:

offers physical EC2 servers dedicated for your use?

Answer 9

Dedicated Hosts

Question 10

Which EC2 Option:
should be used by users that want the low cost and flexibility of Amazon EC2 without any up-front payment or long-term commitment?

Answer 10

On Demand

Question 11

Which EC2 Option:

should be used for applications with short term, spiky, or unpredictable workloads that cannot be interrupted?

Answer 11

On Demand

Question 12

Which EC2 Option:

should be used for applications being developed or tested on Amazon EC2 for the first time?

Answer 12

On Demand

Question 13

Which EC2 Option:

should be used for applications with steady state or predictable usage?

Answer 13

Reserved

Question 14

Which EC2 Option:

should be used for applications that require reserved capacity?

Answer 14

Reserved

Question 15

Which EC2 Option:

should be used so users are able to make upfront payments to reduce their total computing costs even further?

Answer 15

Reserved

Question 16

Which EC2 Option:

should be used for applications with flexible start and end times?

Answer 16

Spot

Question 17

Which EC2 Option:

should be used for applications that are only feasible at very low compute prices?

Answer 17

Spot

Question 18

Which EC2 Option:

should be used by users with urgent computing needs for large amounts of capacity?

Answer 18

Spot

Question 19

Which EC2 Option:

is useful for regulatory requirements that may not support multi-tenant virtualization?

Answer 19

Dedicated Hosts

Question 20

Which EC2 Option:

is great for licensing which does not support multi-tenancy or cloud deployments?

Answer 20

Dedicated Hosts

Question 21

Which EC2 Option(s):

can be purchased On-demand (hourly)

Answer 21

On Demand and Dedicated Hosts

Question 22

Which EC2 Option:

can be purchased as a Reservation for up to 70% off the On-Demand price?

Answer 22

Dedicated Hosts

Question 23

If the Spot Instance is terminated by Amazon EC2, you are responsible to pay for the partial hour of usage.

Answer 23

False.
you will not be charged for the partial hour of usage if AWS terminates your ECS instance. You are responsible for the partial hour if YOU terminate it early.

Question 24

If you terminate a Spot instance yourself, you will be charged for any hour in which the instance ran

Answer 24

True

Question 25

What is the result if the EC2 Spot price rises of above your submitted bid price?

Answer 25

Your instance will be terminated, and you will not be charged for the partial hour.

Question 26

Which EC2 Instance Type:

should be used as Fileservers / Data Warehousing / Hadoop?

Answer 26

Dense Storage (D2)

Question 27

Which EC2 Instance Type:

should be used for Memory Intensive Apps / DBs?

Answer 27

Memory Optimized (R4)

Question 28

Which EC2 Instance Type:

should be used as application servers

Answer 28

General Purpose (M4)

Question 29

Which EC2 Instance Type:

should be used for CPU intensive apps / DBs?

Answer 29

Compute Optimized (C4)

Question 30

Which EC2 Instance Type:

should be used for video encoding / 3D application streaming?

Answer 30

Graphics Intensive (G2)

Question 31

Which EC2 Instance Type:

should be used for NoSQL DBs, Data Warehousing, etc.

Answer 31

High Speed Storage (I2)

Question 32

Which EC2 Instance Type:

should be used for hardware acceleration for your code?

Answer 32

Field Programmable Gate Array (F1)

Question 33

Which EC2 Instance Type:

should be used for Web servers / Small DBs?

Answer 33

Lowest Cost, General Purpose (T2)

Question 34

Which EC2 Instance Type:

should be used for machine learning, Bit Coin Mining etc.?

Answer 34

Graphics/General Purpose GPU (P2)

Question 35

Which EC2 Instance Type:

should be used for SAP HANA/Apache Spark etc.?

Answer 35

Memory Optimized (X1)

Question 36

What is the mnemonic for the EC2 Instance Types, and what does each letter stand for?

Answer 36

Mnemonic: DR Mc GIFT PX

D - for Density
R - for RAM
M - main choice for general purpose
C - for Compute
G - for Graphics
I - for IOPs
F - for FPGA (Field Programmable Gate Arrays)
T - cheap general purpose (think T2 Micro)
P - Graphics (think Pics)
X - Extreme Memory

Question 37

What is the mnemonic for EC2 instance families?

Answer 37

Dr Mc Gift Px

Question 38

Which EC2 family does the “D” represent in the mnemonic?

Answer 38

Dr Mc Gift Px

D: Density

Question 39

Which EC2 family does the “R” represent in the mnemonic?

Answer 39

Dr Mc Gift Px

R: RAM

Question 40

Which EC2 family does the “M” represent in the mnemonic?

Answer 40

Dr Mc Gift Px

M: Main choice (general purpose)

Question 41

Which EC2 family does the “C” represent in the mnemonic?

Answer 41

Dr Mc Gift Px

C: Compute

Question 42

Which EC2 family does the “G” represent in the mnemonic?

Answer 42

Dr Mc Gift Px

G: Graphics

Question 43

Which EC2 family does the “I” represent in the mnemonic?

Answer 43

Dr Mc Gift Px

I: IOPS (I/O operations per second)

Question 44

Which EC2 family does the “F” represent in the mnemonic?

Answer 44

Dr Mc Gift Px

F: FPGA (Field Programmable Gate Array)

NOT: Female Professional Golfers Association

Question 45

Which EC2 family does the “T” represent in the mnemonic?

Answer 45

Dr Mc Gift Px

T: T2 Micro (cheap general purpose)

Question 46

Which EC2 family does the “P” represent in the mnemonic?

Answer 46

Dr Mc Gift Px

P: Graphics (think Pics)

Question 47

Which EC2 family does the “X” represent in the mnemonic?

Answer 47

Dr Mc Gift Px

X: eXtreme Memory

Question 48

How many EBS Volume Types does AWS offer? Name them.

Answer 48

There are 5 Volume Types:

1) GP2 - General purpose SSD
2) IO1 - Provisioned IOPS SSD
3) ST1 - Throughput Optimized HDD (Magnetic Storage)
4) SC1 - Cold HDD
5) Magnetic (Standard)

Question 49

Which EBS Volume Type is best for general purpose, balancing both price and performance?

Answer 49

General Purpose SSD (GP2)

Question 50

Which EBS Volume Type provides a ratio of 3 IOPS per GB with up to 10,000 IOPS and the ability to burst up to 3000 IOPS for extended periods of time for volumes under 1GiB

Answer 50

General Purpose SSD (GP2)

Question 51

Which EBS Volume Type is designed for I/O intensive applications such as large relational or NoSQL DBs?

Answer 51

Provisioned IOPS SSD (I01)

Question 52

Which EBS Volume Type would you use should you require over 10,000 IOPS?

Answer 52

Provisioned IOPS SSD (I01)

Question 53

What is the maximum IOPS that can be provisioned by each IO1 EBS Volume?

Answer 53

20,000

Question 54

Which EBS Volume Type would be ideal for Big Data, data warehouses or log processing?

Answer 54

Throughput Optimized HDD (ST1)

Question 55

True or False:

ST1 EBS Volume Types are ideal for use as boot volumes?

Answer 55

False.

Throughput Optimized HDD (ST1) cannot be used as boot volumes.

Question 56

How many EBS Volume Types cannot be used as boot volumes? Name them.

Answer 56

Answer: 2

1) Throughput Optimized HDD (ST1)
2) Cold HDD (SC1)

Question 57

Which EBS Volume Type provides the lowest cost storage for infrequently accessed workloads?

Answer 57

Cold HDD (SC1)

Question 58

Which bootable EBS Volume Type has the lowest cost per GB?

Answer 58

Magnetic (Standard)

Question 59

True or False:
Magnetic EBS Volumes are ideal for workloads where data is accessed infrequently, and applications where the lowest storage cost is important.

Answer 59

True

Question 60

True of False:

ST1 and SC1 are basically the same thing, however, ST1 is bootable whereas SC1 is not

Answer 60

False

SC1 and Magnetic (Standard) are basically the same thing, but Magnetic is bootable, which SC1 is not.

Question 61

What does EBS stand for?

Answer 61

Elastic Block Storage

Question 62

True or False:

You can mount 1 EBS volume to multiple EC2 instances

Answer 62

False.

You cannot mount 1 EBS volume to multiple EC2 instances. Instead use EFS.

Question 63

True or False:

1 EC2 instance can have multiple security groups

Answer 63

True

Question 64

True or False:

AMIs are virtual firewalls

Answer 64

False

AMIs are Amazon Machine Images. Security Groups are virtual firewalls

Question 65

True or False:

Any modifications to a Security Groups require 24 hours to propagate to all servers.

Answer 65

False.

Changes to security groups are immediate.

Question 66

True or False:

Security Group Rules are stateful, which means an outbound rule must be provided to allow traffic traffic back out again

Answer 66

False.

Security Group Rules are stateful, but traffic is automatically allowed back out again. No outbound rules are required

Question 67

True or False:

Security Groups can be used to deny inbound traffic access to certain ports

Answer 67

False.

Security Groups can only allow. All inbound traffic is denied by default.

Question 68

True or False:

A Security Group can have only a single EC2 instance.

Answer 68

False.

You can have any number of EC2 instances within a security group.

Question 69

True or False:

You cannot block specific IP addresses using Security Groups.

Answer 69

True.

Instead, use Network Access Control Lists.

Question 70

What is the maximum S3 file size?

Answer 70

5 TB

Question 71

What is the S3 storage maximum?

Answer 71

S3 storage is unlimited, but you will pay by the GB

Question 72

S3 is a global namespace. How does this affect naming convention?

Answer 72

Bucket names must be unique globally

Question 73

what is the S3 URL naming convention?

Answer 73

https: s3-[region].amazonaws.com/[bucket]

e. g., https://s3-aws-west-2.amazonaws.com/acloudguru

Question 74

If an S3 upload is successful, what HTTP code will you receive?

Answer 74

200

Question 75

What is S3 data consistency model for new PUTS?

Answer 75

read after write (immediate after 1 ms)

Question 76

What is the S3 data consistency model for overwrite PUTS and DELETEs?

Answer 76

eventual consistency

Question 77

What are the 5 (+2 children) components of S3 Key Value objects?

Answer 77

1. Key
2. Value
3. Version ID
4. Metadata
5. Subresources
   a. Access Control Lists (ACLs)
   b. torrent

Question 78

What percentage availability is S3 Standard designed for?

Answer 78

99.99%

Question 79

Amazon guarantees 99.99% S3 availability.

Answer 79

False. AWS guarantees 99.9%

Question 80

What is the x9 SLA guarantee for S3 information durability?

Answer 80

11 x 9s (99.999999999%)

Question 81

What 2 ways can you use to secure your S3 data?

Answer 81

1. Access Control Lists (ACLs)

2. Bucket Policies

Question 82

What are the properties of S3 standard storage class?

Answer 82

11 x 9s SLA. Stored Redundantly across multiple facilities. Can concurrently lose up to 2 facilities (AZs).

(durable, immediately available, frequently accessed)

Question 83

What are the S3 storage classes?

Answer 83

1. S3 standard
2. S3 - IA (infrequent access)
3. S3 One Zone IA
4. Glacier

Question 84

What are the properties of the S3 IA storage class?

Answer 84

For Infrequently Accessed data that requires instant access. Lower fee than S3 standard, but will require a retrieval fee.

(durable, immediately available, infrequently accessed)

Question 85

What are the properties of the S3 One Zone IA storage class?

Answer 85

Like S3 IA (Infrequently Accessed) data that doesn’t require multiple AZ data resilience. Is stored in a single Availability Zone (AZ). Lower fee than IA.

(cheaper than IA but one availability zone)

Question 86

What the properties of the S3 Glacier storage class?

Answer 86

Glacier is the lowest cost storage tier, used for archival only. Standard, Expedited or Bulk.

(archived data, 3-5 hour wait before accessing)

Standard retrieval requires 3-5 hours
Expedited: within a few minutes (highest fee)
Bulk: 5-12 hours

Question 87

What percentage availability is S3 Standard IA designed for?

Answer 87

99.9%

Question 88

What percentage availability is S3 One Zone IA designed for?

Answer 88

99.5%

Question 89

What percentage availability is S3 Glacier designed for?

Answer 89

N/A

Question 90

Which S3 storage classes charge a retrieval fee?

Answer 90

All but S3 Standard:

• S3 Standard - IA
• S3 One Zone - IA
• S3 Glacier

Question 91

How many S3 charges are there and what are they?

Answer 91

5 S3 Charges:

1. Storage
2. Requests
3. Storage Mgmt Pricing
4. Data Transfer Pricing
5. Transfer Acceleration

Question 92

What is S3 Transfer Acceleration?

Answer 92

S3 Transfer Acceleration leverages Amazon’s CloudFront globally distributed edge locations to easily, quickly and securely transfer data over long distances between end users and an S3 bucket.

Question 93

S3 comprises block-based storage

Answer 93

False. S3 is object based, i.e., allows you to upload files up to 5 TB

Question 94

Read the S3 FAQ before taking the exam

Answer 94

https://aws.amazon.com/s3/faqs/

Question 95

True or False: By default, S3 buckets and all objects uploaded to are private

Answer 95

True. Objects have to be made public. From inside the S3 bucket, select the file and choose Actions > Make Public.

Ensure you’ve previously unchecked all boxes under “Edit public access settings” at the bucket level.

Question 96

What are the three S3 Server Side Encryption (SSE) types?

Answer 96

1. SSE-S3 with Amazon S3 Managed Keys
2. SSE-KMS with Amazon Key Management Service (KMS)
3. SSE-C using Customer Provided Keys

Question 97

What keyword must be typed to complete updating S3 Public Access Settings?

Answer 97

confirm

Question 98

How do you restore a deleted S3 object?

Answer 98

Delete the Delete Marker

Question 99

True or False: Once enabled, S3 versioning cannot be suspended, only disabled.

Answer 99

False. Once enabled S3 versioning cannot be disabled, only suspended.

Question 100

S3 Versioning’s MFA Delete capability can be used to provide an additional layer of security

Answer 100

True.

Question 101

What is the aws CLI command to copy S3 files

Answer 101

aws s3 cp –recursive s3://[source] s3://[destination]

Question 102

True or False: S3 replication replicates delete markers on files deleted from a source bucket.

Answer 102

False. S3 object deletes are not replicated.

Question 103

True or False: All existing files in the source S3 Bucket are automatically replicated upon activation of replication on a destination S3 Bucket.

Answer 103

False

Question 104

True or False: Daisy chaining can be used to replicate an S3 Bucket across multiple buckets

Answer 104

False. You cannot replicate across multiple buckets or use daisy chaining (at this time; maybe subject to change)

Question 105

True or False: S3 Lifecycle Management only pertains to current S3 object versions

Answer 105

False. S3 Lifecycle Management can be enabled for both current and previous versions

Question 106

What is a CloudFront Edge Location?

Answer 106

A location where content will be cached. Separate from a Region or AZ. Both Read/Write.

(Currently over 50 Edge Locations)

Question 107

What is the term for a CloudFront CDN collection of Edge Locations?

Answer 107

A Distribution

Question 108

What are the two type of CloudFront Distributions, and why is each used?

Answer 108

1. Web Distribution - used for web sites

2. Real-Time Messaging Protocol (RTMP) - used for media streaming

Question 109

What are the 3 CloudFront components?

Answer 109

1. Edge Locations
2. Origin
3. Distribution

Question 110

How long are CloudFront objects cached?

Answer 110

For the life of the specified Time-to-Live (TTL)

Question 111

True of False: You can clear cached CloudFront objects, but you will be charged

Answer 111

True

Question 112

What are the AWS S3 options for Encryption?

Answer 112

In transit: SSL/Transport Layer Security (TLS)

At Rest:

• Server Side Encryption:
  
  • SSE-S3: S3 Managed Keys (most common)
    
    • Advanced Encryption Standard (AES) 256-bit
  • SSE-KMS: AWS Key Mgmt Service, Managed Keys
  • SSE-C: Customer-provided Keys
• Client Side Encryption

Question 113

What is AWS Storage Gateway?

Answer 113

A service that connects an on-premise software appliance with cloud-based storage seamlessly

Question 114

What are the types of Storage Gateways?

Answer 114

4 Types:
1. File Gateway ((new!) NFS flat files. No on-prem)

Volumes Gateway (iSCSI block based)

2) Stored Volumes (entire dataset on-prem)
3) Cached Volumes (only recently accessed on-prem)

4. Tape Gateway (VTL uses popular backup apps like NetBackup, Backup Exec, Veeam, etc.)

Question 115

What is an AWS snowball?

Answer 115

a secure petabyte-scale data transport appliance to transfer data into/out of AWS

Question 116

compare and contrast the types of snowballs

Answer 116

1. Snowball: 80 TB capacity
2. Snowball Edge: 100 TB capacity + compute capability + Lambda. (A mini AWS Data center in a box)
3. Snowmobile (18-wheeler container) 100 Petabyte or Exabyte level data transfer/storage to AWS. Secure, fast, cost effective. Can transfer an entire DC in 6 months.

Question 117

What is A Cloud Guru’s recommended website to calculate IP address ranges?

Answer 117

CIDR.xyz