CDN and Optimization Flashcards

1
Q

What is the difference between an edge location cache and a regional edge cache?

A

A regional edge cache is just a larger version of an edge location cache.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

True or False: Only S3 can be used as a CloudFront origin.

A

False, custom origins can be used as well.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What kinds of configuration are controlled with a Cloudfront distribution?

A

Price class, domain names, certificates, TLS. Think “higher level”.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What kinds of configuration are controlled with a cloudfront behavior?

A

Trusted URLs/cookies, http/https, cache directives, restrict viewer access. Think “lower level”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What does TTL control?

A

How long something lives on a cache. Default is 24 hours.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are cache invalidations?

A

Invalidates objects based on a pattern match.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is better for pointing users to other objects - cache invalidations or versioned file names?

A

Versioned file names == less expensive.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does AWS Certificate Manager allow you to do?

A

Easily provision, manage, deploy certificates (HTTPS) for supported AWS services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Will self signed certificates work for CloudFront SSL?

A

No! Valid public certificates only.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is an Origin Access Identity (OAI)?

A

A virtual identity used by cloudfront to access an S3 bucket

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Why might you want to use OAI?

A

To provision access to cloudfront and only cloudfront.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What additional security feature must be used in conjunction with an OAI for its intended use case?

A

S3 bucket policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How can you secure a CF distribution with a custom origin?

A

HTTPS with custom headers, or firewall using edge location IPs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What might you want to use Lambda@Edge for?

A

Adjusting data between viewer and origin based on access patterns.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the main use of AWS Global Accelerator?

A

Moves the AWS network closer to customers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What kind of traffic is Global Accelerator used for?

A

Non-http/s