AWWWWSS Flashcards

1
Q

Offers long term archiving of infrequently accessed data, such as backups that must be retained for years

A

S3 Glacier

2
Q

Virtual appliance that seamlessly moves data back and forth between your on-premise servers and AWS S3. Uses industry standard storage protocols, making integration seamless.

A

AWS Storage Gateway

3
Q

Hardware storage appliance designed to physically move massive amounts of data to or from S3, particularly when transferring the data over a network would take days or weeks.

A

AWS Snowball

4
Q

Lets you store and retrieve unlimited amounts of data from anywhere in the world at any time.

A

Amazon Simple Storage Service (S3)

5
Q

What can you use S3 for

A

store logs or retrieve data for processing, use to host static websites

6
Q

Stores files (“objects”) on disks in AWS data centers. Files can be text, images, videos, database files, etc. Each object can be 5 TB.

A

Simple Storage Service (S3)

7
Q

The filename of an object

A

Key. Each object key must be unique.

8
Q

The level of durability and availability of an object depends on

A

Its storage class

9
Q

S3 Monthly Charges are based on what

A

the amount of data you store and the storage class that you use

10
Q

S3 Storage Classes Are the following. Your choice of storage class depends on how frequently you’ll access them.

A

Standard: use if you need to access objects frequently and with minimal latency.

Standard_IA: infrequent access
Intelligent_Tiering: infrequent access
ONEZONE_IA: infrequent access
Glacier: infrequent access

Reduced_Redundancy (RRS): use if you need to access objects frequently and with minimal latency.

Note: Infrequently Accessed (IA) classes offer millisecond-latency access and high durability but the lowest availability of all the classes. Designed for objects at least 128 KB in size.

11
Q

Default storage class. Highest availability of 99.99%, replicates objects across at least three availability zones, and is the most expensive.

A

Standard

12
Q

Storage class meant for data that can be easily replaced if needed to be replaced. Lowest durability of all classes. AWS recommends against using this one due to the low durability.

A

Reduced_Redundancy

13
Q

Designed for important data that can’t be re-created. Objects are stored in multiple availability zones and have availability of 99.9%

A

Standard_IA

14
Q

Objects stored using this storage class are kept in only one availability zone and consequently have the lowest availability of all of the classes (99.5%). Use this class only for data that you can re-create or have replicated.

A

OneZone-IA

15
Q

Designed for long-term archiving of objects that rarely need to be retrieved. Unlike other storage classes, you can’t retrieve an object in real time. Instead, you must initiate a restore request for the object and wait until the restore is complete, which can take 1 minute to 12 hours.

A

Glacier

16
Q

S3 offers 1 storage class designed for both frequently and infrequently accessed objects. This storage class automatically moves objects to the most cost effective storage tier based on past access patterns. In addition to storage pricing, you’re charged a monthly monitoring and automation fee.

A

Intelligent_Tiering

17
Q

S3 offers 3 methods of controlling who may read, write, or delete objects stored in your S3 bucket. You can use any combination of these; they are not mutually exclusive.

A

Bucket policies, User policies & bucket and object access control lists (ACLs)

18
Q

A resource-based policy that you apply to a bucket. You can use this to grant access to all objects in a bucket or just specific objects in a bucket. Also who can read, write or delete objects.

A

Bucket policy

19
Q

Use these policies to grant IAM principals access to S3 objects. Can apply these policies only to an IAM principal.

A

Identity and Access Management (IAM) user policies

20
Q

Legacy access control methods that have mostly been superseded by bucket and user policies. Can be used to grant other AWS accounts and anonymous users access to your S3 resources. CANNOT be used to grant access to specific IAM principals.

A

Bucket and Object Access Control Lists (ACLs)

21
Q

S3 doesn’t change the content of an object when you upload it. If you want an added layer of security, you have the option of encrypting objects before storing them in S3. This is called _____ and has 2 options for encrypting objects at rest: _____

A

Encryption At Rest

  1. Server-Side Encryption
  2. Client-Side Encryption
22
Q

When you create an object, S3 encrypts the object and saves only the encrypted content. Easiest to implement and doesn’t require you to keep track of encryption keys.

A

Server-Side Encryption

23
Q

You encrypt the data prior to uploading it to S3. You are responsible for encryption and decryption. You need to keep track of the encryption key.

A

Client-Side Encryption

24
Q

Helps protect against object overwrites and deletions. This is disabled by default when you create a bucket. Can be deleted by using the object life cycle configurations.

A

Versioning

25
Q

Can help control costs by automatically moving objects to different storage classes or deleting them after a time. These rules are applied to a bucket and consist of one or both of the following types of actions

A

Object Life Cycle Configuration

  1. Transition Action - move objects to a different storage class once they’ve reached a certain age.
  2. Expiration Action - automatically delete objects after they reach a certain age.
    * If you have versioning enabled on a bucket, you can create expiration actions to delete object versions of a certain age.
26
Q

Store one or more files. Also known as a block of information

A

Archive (in a Glacier)

27
Q

Region specific container that stores archives

A

Vault

28
Q

Downloading an archive from Glacier is a two-step process: first initiate a retrieval job, then download your data once the job is complete. There are 3 retrieval options

A
  1. Expedited: Completed within 1 to 5 minutes. Can optionally purchase provisioned capacity to ensure expedited retrieval.
  2. Standard: Completed within 3 to 5 hours. This is the default option.
  3. Bulk: Lowest-cost option. Completed within 5 to 12 hours.
29
Q

Used to connect your existing on-premise servers to storage in the AWS cloud. You just need to provision this virtual machine on-premises and connect your servers to it. It then handles the data transfer between your server and the AWS storage infrastructure. Virtual machines run on ESXi or Microsoft Hyper-V hypervisor.

A

Storage Gateway

30
Q

AWS Storage Gateway offers the following three virtual machine types for different use cases

A
  1. File gateways
  2. Volume gateways
  3. Tape gateways
31
Q

Lets you use the Network File System (NFS) and Server Message Block (SMB) protocols to store data in S3. Can function as a normal on-premise file server.

A

File Gateways

32
Q

Offers S3 bucket storage volumes that your on premises servers can use via the Internet Small Computer System Interface (iSCSI) protocol. It supports 2 configurations

A

Volume Gateways

  1. Stored Volumes - with this volume, the storage gateway stores all data locally and asynchronously backs it up to S3 as Elastic Block Store (EBS) snapshots.
  2. Cached Volumes - the storage gateway stores all your data on S3, and only a frequently used subset of that data is cached locally. This is a good option if you have a limited amount of local storage. Because only a subset of data is cached locally, it’s possible that any interruption in connectivity to AWS could make some data inaccessible.
33
Q

Stores virtual tapes in a virtual tape library (VTL) backed by S3. Specifically designed to work with common backup applications. Offers access through the iSCSI block storage protocol.

A

Tape Gateways

34
Q

Hardware appliance designed to move massive amounts of data between your site and the AWS Cloud in a short time. The idea behind it is that it is quicker to physically ship a large amount of data than it is to transfer it over a network. This device includes a trusted platform module (TPM) chip that detects unauthorized modifications. You transfer your data onto this device and mail it back to AWS. AWS then transfers the files from the device to one or more S3 buckets. Some common use cases include the following

A

AWS Snowball

  • Migrating data from an office or data center to the AWS Cloud.
  • Quickly transferring a large amount of data to or from S3 for backup or recovery purposes.
  • Distributing large volumes of content to customers and partners
35
Q

Snowball uses two layers of encryption and requires you to transfer data to it using what

A
  1. When you transfer data to or from Snowball, the data is encrypted in transit using SSL.
  2. The data you put on a Snowball is always encrypted at rest.

Must use either the Snowball Client or the more advanced S3 SDK Adapter for Snowball. Data is encrypted using AES 256-bit encryption, so your data is never stored unencrypted. The Snowball Client doesn’t require coding knowledge, but the adapter does.

36
Q

Network connectivity, QSFP+ port (allows you to achieve faster network speeds), designed to transfer large amounts of data only between your local environment and S3.

A

Snowball Edge

Note: You can cluster 5 to 10 Snowball Edge devices together to build a local highly available compute or storage cluster. Snowball Edge does not support Virtual Private Clouds (VPCs).

37
Q

Snowball Edge Offerings:

Snowball Edge Device Options:

A
  1. Local Storage for S3 Buckets
  2. Compute power for EC2 instances and Lambda functions locally.
  3. File Server functionality using the Network File System (NFS) version 3 and 4 protocols

Device Options:

  1. Storage Optimized
  2. Compute Optimized: offers the most compute power
  3. Compute Optimized with GPU: like the compute option, but ideal for machine learning and high performance computing applications. Has an NVIDIA V100 Tensor Core graphical processing unit (GPU)
38
Q

Snowball and Snowball Edge can both transfer data to and from S3, but Snowball Edge can also:

A

local EC2 instances, local compute with Lambda, file server functionality using NFS and local S3 buckets

39
Q

What is the primary storage service in AWS?

It has a close relationship with what AWS services?

A
  • Amazon Simple Storage Service (S3)
  • S3 Glacier & AWS Compute Services (EC2 and Lambda)

40
Q

For durable and highly available cloud storage, you can use these to make your files as private or public as you want.

A

Bucket policies

41
Q

When it comes to local storage, this lets you access your data by going through a virtual machine that automatically synchronizes your data with S3

A

AWS Storage Gateway

42
Q

For getting your files to or from S3 over the internet you will use

A

A virtual private network (VPN) or Direct Connect Link

43
Q

Can function as a durable local file server using the NFSv3 and NFSv4 protocols. Can also run EC2 instances or Lambda functions locally.

A

Snowball Edge

44
Q

The likelihood that an object won’t be lost over the course of a year

A

Durability

45
Q

The percentage of time an object will be accessible during the year

A

Availability

46
Q

How can you get data into and out of S3

A

You can download an object by using the S3 service console, by using the AWS CLI or by directly accessing the object’s URL.

47
Q

Allow secure transfer of data to and from S3

A

AWS Snowball

Snowball Edge

48
Q

Lets your on premise servers use industry standard storage protocols such as iSCSI, NFS, and SMB to transfer data to and from S3

A

AWS Storage Gateway

49
Q

Use to grant anonymous access to objects, such as webpages or images you want made public

A

Bucket policies

ACLs

50
Q

Use to grant specific IAM principals in your account access to objects

A

User policies

51
Q

Know the difference between S3 and Glacier.

A
  • S3 offers highly available, real time retrieval of objects
  • Glacier: retrieving data is a two step process that requires first requesting an archive using the Expedited, Standard, or Bulk retrieval option and then downloading the archive once the retrieval is complete
52
Q

These offer access to S3 via the iSCSI block storage protocol

A

Volume gateways and Tape gateways

53
Q

What is the main difference between Simple Storage Service (S3) and Elastic Block Store

A
  • EBS stores volumes
  • S3 stores objects

54
Q

What tasks can S3 object life cycle configuration perform automatically

A
  • Deleting old object versions
  • Moving objects to Glacier
  • Deleting old objects
  • It cannot: delete buckets or move objects to an EBS volume
55
Q

Where does AWS Storage Gateway primarily store data

A

All AWS Storage Gateway types (files, volumes and tapes) primarily store data in S3 buckets. From there, data can be stored in Glacier or EBS snapshots, which can be instantiated as EBS volumes.

56
Q

What’s the most data you can store on a single AWS Snowball device

A

72 TB