Basic Terms Flashcards

1
Q

Cloud Computing

A

On-Demand delivery of IT resources with pay-as-you-go pricing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

On-Demand Delivery

A

AWS has the resources you need when you need them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Private-Cloud Deployment

A

On-Premises Deployment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Hybrid Deployment

A

Cloud-based resources are connected to on-premises infrastructure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Mulitenancy

A

Sharing underlying hardware between virtual machines

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

CaaS (Compute as a Service)

A

Consumption-based (pay-per-use) infrastructure model that provides on-demand processing resources for general & specific workloads.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is Dynamic Scaling?

A

Scales based upon demand.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is Predictive Scaling?

A

Automatically schedules right number of EC2 instances based upon predicted demand.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What type of application has resources and services tightly coupled where if one service fails they all fail?

A

Monolithic Application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What type of application has loosely coupled services and if single component fails, other components continue to work because they are communicating with each other.

A

Microservice

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are Containers?

A

Image files that contain everything needed to run
software, processes, & workflows.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is an Origin

A

Server from which CloudFront gets your files.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is a Subnet?

A

Section of VPC where you group resources based on security or operational needs.
Can be public or private.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is an Internet Gateway?

A

Connection between VPC & Internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is Virtual Private Gateway?

A

Enables you to establish VPC connection b/w you & private network (ex: on-premises data-center or internet corporate network).
Allows for traffic into VPC if coming form approved network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is difference between public & private subnets?

A

Public Subnets have resources that need to be accessible by public.

Private Subnets have resources that can only be accessible through your private network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Can a private and a public subnet communicate with eachother?

A

Yes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is a Packet?

A

Data unit sent over internet or network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is a Network ACL?

A

Virtual firewall that controls that controls inbound & outbound traffic at subnet level using stateless packet filtering.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is Stateless?

A

Network ACL remembers nothing and checks packets to and from subnet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is a Security Group?

A

Virtual firewall that controls inbound & outbound traffic for Amazon EC2 instance using stateful packet filtering.
They are stateful & deny inbound traffic but allow outbound traffic by default.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is Stateful?

A

Security Group checks packet first time but will not check second time because it will remember it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is a DNS (Domain Name System)?

A

Turns domain names into IP Address so you can access websites.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What is DNS Resolution?

A

Translating a domain name to an IP Address.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What is a CDN?

A

Content Delivery Network:
Network that delivers edge content to users based on their geographic location.

26
Q

What is an Instance Store?

A

Disk storage physically attached to host computer for EC2 instance.
If instance is terminated/instance store loses data

27
Q

What is Object Storage?

A

Each object consists of data, metadata, & key.

28
Q

What is Metadata?

A

Contains information about what data is, how it is used, object size, etc . . .

29
Q

What is a Relational Database?

A

Data stored in way that relates it to other pieces of data.

30
Q

What is Encryption at Rest?

A

Protecting data while it’s stored.

31
Q

What is Encryption in Transit?

A

Protecting data while it is being sent & received.

32
Q

What is the Root User?

A

User that was used to create AWS account & has complete access to all AWS services & resources in account.

33
Q

What are Service Control Policies (SCPs)?

A

Allow you to place restrictions on AWS services, resources, & individual API actions that users & roles in each account can access.

34
Q

What is a Denial-of-Service Attack (DoS)?

A

Deliberate attempt from an attack from a single source to make website or application unavailable to users.

35
Q

What is a Distributed Denial-of-Service Attack (DDoS)?

A

Deliberate attempt from an attack from multiple sources to make a website or application unavailable to users.

36
Q

What is an Internet Gateway?

A

Connection b/w VPC & Internet by allowing public traffic from internet to access VPC.

37
Q

What is Elastic Load Balancing?

A

Distributes incoming traffic across multiple targets, s/a EC2 Instances.

38
Q

What are Global Tables?

A

Replicate data automatically across AWS Regions to automatically scale capacity.

39
Q

Can block storage be accessed simultaneously?

A

No

40
Q

Can object storage provide appending files?

A

No

41
Q

Which AWS services have data encryption automatically enabled?

A
  • Amazon S3
  • Amazon Storage Gateway
  • Amazon RDS
  • Amazon Aurora
  • AWS Lambda
  • Amazon DynamoDB
  • Amazon SQS (Simple Queue Service)
  • Amazon SNS (Simple Notification Service)
42
Q

What is Penetration Testing?

A

Simulating of Cyber-Attacks which doesn’t need AWS Approval.

43
Q

What is Network Stress Testing?

A

Sending lots of test traffic to specific target application which needs AWS Approval.

44
Q

What is VPC Peering Connection?

A

Networking connection b/w 2 VPC’s that enables you to route traffic b/w them privately.

45
Q

Which AWS services/features support High Availability by default?

A
  • Amazon EC2
  • Amazon S3
  • Amazon RDS
  • Route 53
  • Amazon CloudFront
  • Amazon DynamoDB
  • Amazon ElastiCache
  • Amazon Lambda
  • Amazon EFS
  • Amazon SQS
  • Amazon SNS
  • Amazon ELB
  • Amazon Kinesis
  • AWS Global Accelerator
  • Amazon Aurora
  • Amazon Cloudwatch
  • AWS Elastc Beanstalk
46
Q

Which AWS Services are regional in scope?

A
  • Amazon EC2
  • Amazon RDS
  • Amazon S3
  • Amazon VPC
  • Amazon Lambda
  • Amazon DynamoDB
  • Amazon CloudWatch
  • Amazon SQS
  • Amazon SNS (Simple Notification Service)
  • Amazon Route 53 (DNS Service)
  • AWS Elastic Beanstalk
  • AWS Elastic Load Balancing (ELB)
  • Amazon EBS (Elastic Block Store)
  • AWS CloudFormation
  • Amazon ElastiCache
  • AWS CodeBuild, CodeDeploy, and CodePipeline
  • Amazon CloudFront
  • Amazon Aurora
  • AWS WAF & Shield
  • Amazon Redshift
  • AWS Elastic File System (EFS)
  • Amazon MQ
  • Amazon Kinesis
  • AWS Global Accelerator
47
Q

Which AWS Services support VPC Gateway Endpoint?

A
  • Amazon S3
  • Amazon DynamoDB

Everything else uses VPC Interface endpoint

48
Q

What categories does AWS Trusted Advisor recommend?

A
  • Cost Optimization
  • Performance
  • Security
  • Fault Tolerance
  • Service Limits
49
Q

What is an IAM Role?

A

IAM identity that you create in your account that has specific permissions.

50
Q

Which entities are part of Amazon VPC in AWS Cloud?

A
  • VPC
  • Subnet
  • Route Table
  • Internet Gateway
  • VPC endpoint
51
Q

What are AWS Tags

A

Custom labels that you can attach to AWS resources to help
- identify, organize, & search for resources by categories.
- manage billing information
- control access
- associate resources w/ compliance types.

52
Q

What is AWS Total Cost of Ownership (TCO) Estimate?

A

Calculation that helps organizations determine if moving to AWS is good idea.
Includes:
- Infrastructure: Compute, data transfer, and storage
- Cloud services: Security, management tools, and data analytics
- Manpower: Cloud engineers
- Hidden costs: Downtime, reduced productivity, and what-if scenarios

53
Q

What is the AWS Identity and Access Management (IAM) access advisor?

A

Shows service permissions granted to user & when services were last accessed & identify unnecessary permissions.

54
Q

What is IAM Credentials Report?

A

View status of all user credentials, including passwords, access keys, & multi-factor authentication (MFA) devices.

55
Q

What is a Customer Gateway?

A

Physical device/software application on your side (premises) of Site-to-Site VPN connection.

56
Q

Which AWS Services are delivered regionally?

A
  • Amazon S3
  • Amazon EFS
57
Q

Which of the following statements are true about AWS Regions and Availability Zones (AZ)?

A
  • Each AWS Region consists of multiple, isolated, & physically seperate Availability Zones (AZ) within a geographic area.
  • All traffic b/w availability zones is encrypted.
58
Q

Which of the following statements are true about AWS Regions and Availability Zones (AZ)?

A
  • Each AWS Region consists of multiple, isolated, and physically separate Availability Zones (AZ) within a geographic area
  • All traffic between Availability Zones (AZ) is encrypted
59
Q

Which of the following is the least effort way to encrypt data for AWS services only in your AWS account using AWS Key Management Service (KMS)?

A

Use AWS managed master keys that are automatically created in your account for each service

60
Q

Which of the following is the least effort way to encrypt data for AWS services only in your AWS account using AWS Key Management Service (KMS)?

A

Use AWS managed master keys that are automatically created in your account for each service

61
Q

What AWS Resources are Global in Scope?

A
  • Amazon CloudFront
  • Amazon S3
  • Amazon Virtual Private Cloud (Amazon VPC)
  • Amazon Relational Database Service (RDS)
  • Amazon Elastic Block Store (Amazon EBS)
  • Amazon SageMaker
  • Amazon Kinesis
  • Amazon Simple Notification Service (Amazon SNS)
  • AWS Elastic Beanstalk
62
Q

What are the AWS disaster recovery scenarios?

A
  • Backup and Restore — Data is backed up and restored
  • Pilot Light — Only minimal critical functionalities
  • Warm Standby — Fully functional scaled down version
  • Multi Site (Active-Active) — Another fully functional site