Certified Cloud Practitioner

Question 1

Region

Answer 1

Physical location/geographic location with 2+ AZ.

Minimize latency by deploying to 2+ regions.

Question 2

AZ

Answer 2

Physically/logically isolated data centers
Data provisioned across AZs
Not all zones offer all services

Question 3

Data Center

Answer 3

1+ per AZ

Question 4

Edge Location

Answer 4

Host CloudFront (CDN) for faster delivery of static content with low latency/high transfer speeds
More edge locations than AZs
Catches data

Question 5

Basics on Pricing

Answer 5

Usually no charge for inbound data or data within AWS region
Pay for CPU, data storage, outbound data transfer
The more you use, the less it costs

Question 6

On demand

Answer 6

Pay as you
Most services pay per second of use
good for short term, spiky or unpredictable use

Question 7

Reservations

Answer 7

Up to 75% less
1-3 year commitment
Pay none/partial/all up front
The more you pay up front the less it costs
Good for steady state usage

Question 8

Spot

Answer 8

Up to 90% less
Pay for unused capacity
unpredictable when runs
ends when complete or price goes above bid

Question 9

Dedicated instance

Answer 9

Pay set hourly price
dedicated hardware for VPC
can use existing software licenses

Question 10

Free tier

Answer 10

Some services free forver: VPC, Elastic BeanStalk, CloudFormation, IAM, AutoScaling, Opsworks, DynamoDB, Glacier, Lambda, Glue, Cognito, SNS, SES, SQS, SWF, Cloudwatch, Xray, Storage Gateway, etc
Some services free 12 months: EC2, S3, RDS, CloudFront

Question 11

Basic Support

Answer 11

7 trusted advisor checks, personal health dashboard, docs/support forms

Question 12

Developer Support

Answer 12

Basic + email support
1 contact
Response time 24 hrs for general, 12 hrs for impaired system

Question 13

Business

Answer 13

Developer + full trusted advisor checks, phone support
unlimited contacts
response time 1 hour for prod down

Question 14

Enterprise

Answer 14

Business + senior cloud support engineers
Response time 12 minutes for business critical systems
Includes Wall Architected Review by AWS Solutions Architects, self packed labs, concierge support team, dedicated technical account manager (TAM).

Question 15

Support Forms for

Answer 15

Encountering Abuse (sent to the abuse team)
Increasing limits beyond a point
penetration testing

Question 16

Acceptable Use Policy

Answer 16

Don’t do bad things

Question 17

EC2 (Elastic Compute Cloud) COMPUTE

Answer 17

Virtual server
proper name is EC2 instances
pay as you, pay for time running
maintain control
Don't have to provision/maintain server
assigned both public/private IP
has instance metadata
responsible for patch OS

Question 18

VPC (virtual private cloud) COMPUTE

Answer 18

isolate computer resources
control network config, access, what expose, etc
can span AZs

Question 19

ECS (elastic container service) COMPUTE

Answer 19

supports docker containers

Question 20

AMI COMPUTE

Answer 20

Amazon Machine Image
can use variety of preconfigured ones or create own
specifies type of hardware
bootable

Question 21

Lamba COMPUTE

Answer 21

Serverless
pay only for compute by fraction of millisecond
ideal for variable/intermittent workloads
autoscales
supports many programming languages
limited disk space/memory
must run less than 5 minutes

Question 22

IGW (Internet Gateway) NETWORKING

Answer 22

Allows access to internet from VPC

Question 23

Subnet NETWORKING

Answer 23

Divides VPC
public subnets can access internet
private subnets cannot (by default)
VPC can have multiple subnets

Question 24

Route tables NETWORKING

Answer 24

Register traffic leaving subnet

Question 25

NAT Gateway NETWORKING

Answer 25

allows private subnet to access the internet

Question 26

CIDR (classless interdomain routing) NETWORKING

Answer 26

Internal IP address look like 10.0.0.0/16

Question 27

Direct Connect

Answer 27

On premises to VPC connectivity or VPC TO VPC connectivity

Question 28

PrivateLink

Answer 28

Connects to VPCs through endpoints

Question 29

VPC Peering

Answer 29

Connects to VPCs privately

Question 30

Route 53

Answer 30

``` DNS Geolocation routing latency based routng defaults to up to 50 domain names global services ```

Question 31

elastic IP

Answer 31

static IPv4 address up to 5 per region pay if have more than one and not associated with running instance

Question 32

Elastic Beanstalk

Answer 32

PaaS (platform as a service) application server | supplies all infrastructure so can just deploy app

Question 33

CloudFormation

Answer 33

Manage/Provision collections of servers

Question 34

application load balancer

Answer 34

http/https level includes https and websockets can route by path or hosts

Question 35

Network Load Balancer

Answer 35

TCP level

Question 36

ELB (elastic load balancer) - classic load balancer

Answer 36

Older loader balancer supports both http/tcp levels can mix with internal load balancers supports single region

Question 37

Auto Scaling

Answer 37

Adds more EC2 instances as needed specify conditions/policy for when add/remove instances create launch config (what create if need new instance), group (constraints on what to create) and policy (when the scale) limit to 20 EC2 instances per region

Question 38

Listener

Answer 38

Checks for connection requests to load balancer

Question 39

Target

Answer 39

destination for traffic based on rules

Question 40

Target groups

Answer 40

1+ targets target can be in multiple groups can do health check by target group

Question 41

S3 (Simple Storage Service)

Answer 41

Object data up to 5TB can access by URL API to get data, not associated with specific server Can access via HTTP/HTTPS objects grouped into S3 buckets. Can have u[ to 100, can set policies on buckets. can replicate across regions durability is always 11 nines. Means probability of losing an object. Availability is 4 nines for standard and 3 nines for SIA (standard infrequent access)

Question 42

EBS (elastic block store)

Answer 42

block storage storage for ec2 persistent data general purpose (SSD), provisioned IOPS (SSD), magnetic Automatically replicated with AZ. Can copy to other region for recovery Snapshots are backups

Question 43

EFS (Elastic File System)

Answer 43

File storage for EC2

Question 44

Aurora

Answer 44

Managed database service 5x faster than MySQL/Postgres faster version of MySQL Defaults to replicating twice in each of 3 AZs

Question 45

RDS (relational database service)

Answer 45

Supports Aurora, MySQL, PostgresSQL, oracle, MS SQL Server, and MariaDB. Set up own IP, subnet, access control, etc Automatically generates standby database in another AZ Can create read replicas in different region for all but Oracle and MS SQL server

Question 46

DynamoDB

Answer 46

Managed NoSQL service | Access by query (key) or scan (non-key attribute)

Question 47

RedShift

Answer 47

managed data warehouse services Uses SQL supports petabytes of data OLAP (online analytical processing)

Question 48

Snowball Edge

Answer 48

Physically transport 100TB of data

Question 49

Snowball

Answer 49

Physically transport petabytes of data

Question 50

Snowmobile

Answer 50

Physically transport up to 100 petabytes of data

Question 51

Glacier

Answer 51

Data archiving each archive up to 40 TB infrequent access data encrypted by default archive - document stored vault - container for sorting archives. has access policy and lock policy ( can't alter when locked) data comes from S3(via lifecycle policies), SDK, CLI, or snowball/snowmobile import takes minutes or hours to retrieve data depending on cost bulk/standard/expedited

Question 52

Transfer Accleration

Answer 52

transfer files over the internet across long distances with S3 bucket

Question 53

DMS (data migration service)

Answer 53

migrate non-aws database to cloud

Question 54

EMR (elastic map reduce)

Answer 54

hadoop

Question 55

Glue

Answer 55

ETL(extract,transform,load)

Question 56

Storage Gateway

Answer 56

Links to on premises data environment

Question 57

Athena

Answer 57

serverless queries

Question 58

Kinesis

Answer 58

streaming data

Question 59

Kinesis Firehose

Answer 59

data load

Question 60

Neptune

Answer 60

Graph database

Question 61

SES (simple email service)

Answer 61

email

Question 62

SNS (simple notification service)

Answer 62

publish messages | supports http/s, email, email JSON, SMS, SQS

Question 63

SQS (simple queue service)

Answer 63

hosted queue | visible for 12 hours by default

Question 64

SWF (simple workflow)

Answer 64

workflow | activity worker implements task

Question 65

NACL (network access control list)

Answer 65

``` Statless Like passport control checks access each time on entry/exit optional at subnet level ```

Question 66

Security Groups

Answer 66

built in firewall for virtual servers set up rules can control by protocol/port/ip by default, controls inbound (blocks all) and outbound traffic (allows all)

Question 67

WAF (web application firewall)

Answer 67

blocks common attacks ex: XSS | global service

Question 68

shared responsibility model

Answer 68

amazon - "of the cloud" | customer - "in the cloud"

Question 69

Guard Duty

Answer 69

Threat Detection

Question 70

IAM (identity and access management)

Answer 70

control access can't recover lost credentials allows each user up to two active keys global service

Question 71

identities

Answer 71

people/processes/services | unit of authentication

Question 72

groups

Answer 72

collections of users

Question 73

root user

Answer 73

``` initial user created unrestricted access only use to create inital other users required to use CLI reccommended to delete access keys ```

Question 74

role

Answer 74

identity with permission policies does not have own credentials used for apps used for SSO where authenticated at company

Question 75

temporary credentials

Answer 75

credentials with restricted permission for a specific task

Question 76

policy

Answer 76

applied to user/role/group to grant permissions

Question 77

access types

Answer 77

programmatic access | management console access

Question 78

TCO (total cost of ownership) Calculator

Answer 78

Determine costs before using don't need to be AWS customer yet compares on-prem and collocation to pure AWS

Question 79

Trusted Advisor

Answer 79

Check security, fault tolerance, performance, cost savings for existing customers red (immediate action), yellow(investigate), green(good)

Question 80

Cost Explorer

Answer 80

Billing visibility for current customers can see last 13 months data forecasts costs for next three months

Question 81

Budgets

Answer 81

Alerts when costs exceed plan

Question 82

Cost and Usage Report

Answer 82

Shows costs by category

Question 83

CloudTrail

Answer 83

Records user activity/API calls

Question 84

CloudWatch

Answer 84

``` Monitoring logs aggregates log can set billing alarm basic and detailed plans defaults to 5 minute granularity for basic and 1 minute for detailed ```

Question 85

Inspector

Answer 85

find possible security issues focuses on s3 level automated compliance

Question 86

artifact

Answer 86

view compliance reports

Question 87

migration hub

Answer 87

track progress across AWS and partners

Question 88

AWS SDKs

Answer 88

APIs

Question 89

OpsWorks

Answer 89

DevOps platform | Uses Chef

Question 90

CodeStar

Answer 90

UI for development

Question 91

CodeCommit

Answer 91

Version Control

Question 92

CodeDeploy

Answer 92

Automated deployment

Question 93

CodePipeline

Answer 93

Continuous Delivery

Question 94

Operational Excellence

Answer 94

``` Operations as code annotate documentation make frequent, small, reversible changes refine operations procedures frequently anticipate failure learn from operational failures ```

Question 95

Security

Answer 95

``` implement a strong security foundation enable traceability apply security at all layers automate security at all layers automate security best practices protect data in transit and at rest prepare for security events ```

Question 96

Reliability

Answer 96

``` Test recovery procedures Automatically recover from failure Scale horizontally to increase aggregate system availability Stop Guessing capacity manage change in automation ```

Question 97

Performance Efficiency

Answer 97

``` Democratize advanced technologies Go global in minutes use serverless architectures experiment more often mechanical sympathy ```

Question 98

Cost Optimization

Answer 98

Adopt a consumption model measure overall efficiency stop spending money on data center operation analyze and attribute expenditure use managed services to reduce cost of ownership

Question 99

Pilot Light

Answer 99

Quick recovery option > minimal version always running

Question 100

Slowest to Fastest Recovery

Answer 100

Backup & Restore > Pilot Light > Warm Standby > MultiSite

Question 101

Fault tolerance

Answer 101

stays up even if parts fail | more strict than high availability

Question 102

CloudFront

Answer 102

CDN (content delivery network) Can act as a cache to serve objects from S3 Global Service

Question 103

Cognito

Answer 103

User sign up/access control

Question 104

Config

Answer 104

Configuration history

Question 105

Fargate

Answer 105

Run container

Question 106

Macie

Answer 106

Machine learning about security

Question 107

QuickSight

Answer 107

Business Analytics

Question 108

Server Migration Service

Answer 108

Agentless migration from on-prem

Question 109

Transcoder

Answer 109

Media conversion

Question 110

Workspaces

Answer 110

Virtual Desktop

Question 111

Xray

Answer 111

Distributed debugging/tracing

Question 112

Assurance Programs

Answer 112

Include Certification/Attestation and Laws/Regulation/Privacy

Question 113

Risk/Compliance Program

Answer 113

Risk Management, Control Environment and Information Security

Question 114

Marketplace

Answer 114

Find software solution

Question 115

Free pricing

Answer 115

Data in usually free | data transfer within a region usually free

Question 116

EC2 Pricing

Answer 116

``` Server time used machine (type & config) # of instances load balancing and autoscaling monitoring level OS & Software packages ```

Question 117

EBS Pricing

Answer 117

Volumes (data used) IO Operations per second Snapshots (backups) data transfer out

Question 118

RDS pricing

Answer 118

``` server time used database (type, #) storage # of requests data transfer out ```

Question 119

CloudFront

Answer 119

``` Traffic distribution (regions) requests (# and type) data transfer out ```