Certified Cloud Practitioner CLF-C02 Flashcards

Question

Object versioning

Answer 1

Automatically keep multiple versions of an object (when enabled)

Answer 2

Allow you or your company access to manage billing (and take advantage of bulk discounts) and access to multiple AWS accounts in one user interface. Administer multiple AWS accounts from a single point, consolidating cost while organizing and limiting access to resources.

Answer 3

Giving a user only the rights/access to the AWS services and resources they need to do their job and nothing more

Answer 4

Human/alarm/event that gives SNS the message that needs to be sent

Answer 5

SQL database service that provides a wide range of SQL database options to select from Can be encrypted using Key Management Service (KMS) on a new database. If a database already exists that is not encrypted, a copy will have to be made that is encrypted.

Answer 6

Fully managed data warehousing solution Massively Parallel Processing (MPP) - able to run complex queries in parallel, handling Petabytes of data. Automated Data Management - automatic data backup, replication, and scaling without downtime Designed for OLAP - Suitable for Online Analytical Processing Great for analytics and reporting

Answer 7

How different AWS services are granted permission to communicate and share data

Answer 8

Where you configure and manage web domains for websites or applications you host on AWS

Answer 9

The ability of a system to easily increase in size and capacity in a cost-effective way

Answer 10

Firewall/security layer on the server/instance level

Answer 11

Defines what you and AWS are responsible for when it comes to security and compliance

Answer 12

AWS service that allows you to automate the sending of email or text messaging notifications based on events that happen in your AWS account

Answer 13

Online bulk storage service you can access from almost any device Encrypted by default

Answer 14

Represents "classification" assigned to each object in S3 (standard, RRS, S3-IA, Glacier)

Answer 15

A subsection of a network and generally includes all the computers in a specific location

Answer 16

Endpoints to which a topic sends messages

Answer 17

Simple Notification Service (SNS) topics, which are logical access points used for communication, allowing you to group multiple endpoints (like Lambda functions, SQS queues, or email addresses) to receive notifications.

Answer 18

Service that "advises" and helps you optimize aspects of your AWS account

Answer 19

IAM user's username and password for logging in to AWS

Answer 20

A private subsection of AWS you control and in which you can place AWS resources Traffic within a VPC is encrypted by default

Answer 21

Security Cost Optimization Performance Efficiency Operational Excellence Reliability Sustainability

Answer 22

Focuses on protection of data, systems, and any assets used by your workload. Example: Use CloudTrail to log all actions performed in your account.

Answer 23

Focuses on the ongoing process of maintaining costs in the cloud. Example: Use S3 Intelligent-Tiering to automatically move data.

Answer 24

Focuses on the ability to use computing resources efficiently to meet requirements. Example: Use Lambda to run code with zero administration.

Answer 25

Focuses on creating applications that successfully support your workload. Example: Use CodeCommit for code and template version control.

Answer 26

Focuses on architecting a workload to be consistent and able to recover quickly. Example: User Multi-AZ deployments of RDS databases.

Answer 27

Focuses on enviromental impacts like energy efficiency and consumption. Example: User EC2 Auto Scaling to ensure maximum utilization.

Answer 28

Fixed Price billed by the second Use when: Low costs, no upfront payments or commitments Cannot interrupt unpredicateable workloads Developing applications Workload won't run longer than a year Capacity Reservations hold capacity whether or not you run an instance.

Answer 29

Take advantage of unused EC2 capacity Use When: Not concerned with start or stop times Can interrupt workload Very low compute prices are needed Cheapest Option Pay the price in effeect at the beginning of the hour and save up to 90% off of On-Demand prices

Answer 30

Pay for a physical server that is fully dedicated running your instances Use when: Bring your own server-bound software license like Microsfot or Oracle Regulatory or corporate compliance requirements around tenancy Up to 70% off On-Demand prices. No sharing your server with other customers.

Answer 31

Dedicated Host is a server Dedicated Instance runs on the host

Answer 32

Commit to a specific instance type for 1 to 3 years Use when: Steady state usage and can commit You can pay money upfront Application requires a capacity reservation Up to 72% off On-Demand prices with a contract. Reserve capactiy in an AZ for any duration. Pay all, partial or no upfront, but All upfront offers the highest discount Convert from other instances for up to 66% discount

Answer 33

Commit to compute usage for 1 to 3 years (measured per hour) Use when: Lower your bill across multiple compute services Flexibility to change compute services, instance types, operating systems, or Regions. 72% off On-Demand prices Share savings across compute services No capacity reservations

Answer 34

Portability Operational consistency Efficiency Application Development Less overhead

Answer 35

Lift and shift from on premises to cloud Refactoring applications to be cloud Support for microservice architecture Support for CI/CD deployments Easier deployment of repetitive tasks

Answer 36

Container orchestration system Fully managed and serverles using Fargate Can run with EC2, Fargate, Outposts, or ECS Anywhere Supports Docker and Docker Compose CLI

Answer 37

Container orchestration system Fully managed open-source system Can run with EC2, Fargate, EKS on Outposts, Local Zones, Wavelength, and EKS Anywhere Supports Kubernetes

Answer 38

Serverless computing that will replace EC2 instances, for the most part Can use lots of different languages autoscales executes code in response to events uses various development environments Use Cases: Real time file processing Send email notifications Backend Business Logic <15 minute execution time of each call (default is 3 seconds) Pricing: number of requests and how long they run always a free tier with 1 million free request a month

Answer 39

Serverless service Pay as you go auto scaling compute engine To use you build your container image and define your resources needed. Run and manage your containers. Isolated by design Use Cases: Message-Drive workloads >15 minutes runtime per execution Event-Drive and Scheduled workloads Pricing: No upfront costs Pay for resources used (CPU, memory, storage, etc) NO free tier

Answer 40

Allow you to run cloud services in your internal datacenter supports hybrid solutions comes by the server or the rack supports location restrictions such as compliance or govermental rules

Answer 41

Allow for the quick launch of small applications, such as test enviroments and prebuilt wordpress sights Everything you need is bundled together

Answer 42

Enables developers to develop applications for ultra low latency for mobile devices on 5g networks

Answer 43

Classic Gateway Application Network

Answer 44

Classic Load Balancers are the previous generation of load balancers from Elastic Load Balancing. We recommend that you migrate to a current generation load balancer. A load balancer distributes incoming application traffic across multiple EC2 instances in multiple Availability Zones. This increases the fault tolerance of your applications. Elastic Load Balancing detects unhealthy instances and routes traffic only to healthy instances.

Answer 45

Gateway Load Balancers enable you to deploy, scale, and manage virtual appliances, such as firewalls, intrusion detection and prevention systems, and deep packet inspection systems. It combines a transparent network gateway (that is, a single entry and exit point for all traffic) and distributes traffic while scaling your virtual appliances with the demand. A Gateway Load Balancer operates at the third layer of the Open Systems Interconnection (OSI) model, the network layer. It listens for all IP packets across all ports and forwards traffic to the target group that's specified in the listener rule. It maintains flow stickiness to a specific target appliance using 5-tuple (default), 3-tuple, or 2-tuple. The Gateway Load Balancer and its registered virtual appliance instances exchange application traffic using the GENEVE protocol on port 6081.

Answer 46

An Application Load Balancer functions at the application layer, the seventh layer of the Open Systems Interconnection (OSI) model. After the load balancer receives a request, it evaluates the listener rules in priority order to determine which rule to apply, and then selects a target from the target group for the rule action. You can configure listener rules to route requests to different target groups based on the content of the application traffic. Routing is performed independently for each target group, even when a target is registered with multiple target groups. You can configure the routing algorithm used at the target group level. The default routing algorithm is round robin; alternatively, you can specify the least outstanding requests routing algorithm.

Answer 47

A Network Load Balancer functions at the fourth layer of the Open Systems Interconnection (OSI) model. It can handle millions of requests per second. After the load balancer receives a connection request, it selects a target from the target group for the default rule. It attempts to open a TCP connection to the selected target on the port specified in the listener configuration.

Answer 48

Console Instance Connect SSH (key pair is required) Systems Manager

Answer 49

Elastic Load Balancing (ELB) supports four types of load balancers. You can select the appropriate load balancer based on your application needs. If you need to load balance HTTP requests, we recommend you use the Application Load Balancer (ALB). For network/transport protocols (layer4 – TCP, UDP) load balancing, and for extreme performance/low latency applications we recommend using Network Load Balancer. If your application is built within the Amazon Elastic Compute Cloud (Amazon EC2) Classic network, you should use Classic Load Balancer. If you need to deploy and run third-party virtual appliances, you can use Gateway Load Balancer.

Answer 50

High Availablity, Durability, and Persistant Ensures data is preserved even if the instance crashes Can be excpanded on the fly without any downtime Snapshots - Can take backups and use them to create new volumes Cost by amount stored Use Case: Hosting relationsal or NoSQL databases Data warehousing and big data analytics ERP and CRM applications

Answer 51

Fully managed - removes the complexity of deploying and managing file systems Automatic scaling - pay for only what you use Concurrent Access - multiple EC2 instances can access an EFS system simultaneously. Durable and Persistant Cost by amount stored Use Case: Content management and web serving Data analytics applications Development and testing environments

Answer 52

Temporary Elastic Block Stores - Data is lost if instanced is stopped or terminated High I/O Performance No extra cost - they come as part of the instance Use Case: Temporary storage of cache and buffers Write and discard large amounts of data Storage for applications that replicate data across multiple instances

Answer 53

stores objects S3 provides durability, scalability, security, and versatility.

Answer 54

Standard Intelligent-Tiering Standard Infrequent Access One Zone-Infrequent Access Glacier Instant Retrieval Glacier Flexible Retrieval Glacier Deep Archive

Answer 55

High Throughput Low Latency

Answer 56

Automatically moves data between two different tiers

Answer 57

Accessed Less Frequently as it has an access cost Good for Rapid Access

Answer 58

One Availiability Zone Cost Effective

Answer 59

Immediate Access Archieve Storage

Answer 60

Archieve Storage Retrieve 1-2 times a year not immediate access

Answer 61

Archive Storage For long term storage, possibly for compliance Retrievel can take up to 12 hours

Answer 62

Special Simple Storage Service (S3) service Fully managed windows file system Supports Windows workloads Build on Windows Server

Answer 63

Special Simple Storage Service (S3) service Minimize Downtime & Dataloss Quick Recovery times Cost-Effective Solution - Pay only for the servers you are replicating

Answer 64

SSD for High IOPS HDD for High Throughput

Answer 65

Input/Output Operations Per Second

Answer 66

Connects your on-premesis data to the cloud as a hybrid storage service Cost-Effective, reduces on-premises storage infrastructore Secure, data encryption for safe transfer and storage Seamless integration, integrates with existing AWS offerings Use Cases: Data backup for your onsite data Disaster Recovery Data Processing in AWS

Answer 67

S3 File Gateway Volume Gateway Tape Gateway FSx File Gateway

Answer 68

Keep your data in cloud-native formats

Answer 69

Provides block storage volumes Offers Stored and Cached volumes

Answer 70

Archiving Data

Answer 71

Extends on-premises file systems

Answer 72

Centralized Backup Management Automated Backup Scheduling Encryption & Compliance Cross-Region & Account Backup

Answer 73

Content Delivery Network (CDN) Charges for data transfers bur the first 1TB is free Caches your content in multiple edge locations Integrates with AWS Shiled to protect from DDoS and AWS Web Application Firewall to protect from common web exploits. Integrated with other AWS services to improve the experience Use Cases: Streaming Videos Secure Transactions (encrypted information such as Credit Card) Traffic Spikes (black friday/new product) Detailed Analytics (what is popular on your site, where your users are from)

Answer 74

Finds the optimal path from Edge locations to the nearest regional endpoint. Improved performance - Increases throughput by up to 60% Simplified traffic management - Users can access your application endpoints through static IP address Security and Reliability - DDoS Resiliency, Automatic Reroute Consistent Global User Experience - Intelligent routing sends user traffic to the endpoint that provides the best performance. Use Case: Global User Base High Traffic Events Multi-Region Applications - Simplifies the process Latency- Sensitive Applications (trading/gaming)

Answer 75

Responsible for routing outoing requests and incoming traffic

Answer 76

Have entries (routes) that determine where network traffic from your subnets should go. Each subnet must be associated with a route table. Public subnets typically have a route associated with an Internet Gateway allowing for internet access to and from the subnet.

Answer 77

Operate at the instance level Allow you to specify allowable protocols, ports, and source/destination IP ranges Security group are stateful, if they allow traffic in one direction it is automatiically allowed the return trip.

Answer 78

Operate at the subnet level Are stateless, inbond and outbound rules must be set seperatly They can allow or deny traffic based on protocol, port, and source/destination IP addresses.

Answer 79

Virtual Private Cloud allows you to create your own virtual cloud within AWS itself.

Answer 80

Resources here can be accessed from the internet

Answer 81

Not directly accessible from the outside world

Answer 82

Amazon DNS service Uses sophisticated Traffic routing including geolocation routing, latency-based routing, and weighted round-robin routing Health Checks, performs helath checks on your resources and reroutes to valid endpoints DNS Failover, automatically redirect users to a secondary location Scalability and Integration, scales automatically with your demand and integrates seamlessly with other AWS services Use Cases: Web Application Routing Load Balancing Global Traffic Management Domain Name Registration and Management Private DNS for Amazon VPC

Answer 83

Direct connection from your data center to AWS, bypassing the public internet High Speed data transfer, Ideal for transferring large volumes of data quickly and consistently Reduced Bandwidth costs, more cost-effective for extensive data transfer compared to internet-based transfers Reliable Connection free from public internet disruptions and security risks

Answer 84

Secure connection between your data center or branch office and your AWS enviroment Allows your network to extended to the AWS cloud as if it was part of your own datacenter Used to connect entire networks

Answer 85

Secure access to your AWS resources or your private network from any location Used for individual access

Answer 86

Direct Connect when: Large-scale data transfer regularaly Consistent performance is criticial such as stock trading where miliseconds count Sensitive Data that stays off the public internet VPN when: Encrypt data over the public internet such as employees working from home cost-effective quick and easy setup especially if temporary

Answer 87

Data that is organized in rows and columns Amazon RDS is primary AWS Relational Database

Answer 88

Key-Value Pairs Amazon DynamoDB is AWS primary NoSQL Database

Answer 89

Central Code Repository Like Git Source Control

Answer 90

Fully managed build and test service Can build from CodeCommit and build packages to be deployed

Answer 91

Automated Deployment Service

Answer 92

Automated CI/CD Pipeline Can be triggered by commits to CodeCommit that can then call CodeBuild and then use CodeDeploy

Answer 93

Browser based shell with AWS CLI pre-installed

Answer 94

Command line interface A command line tool used to manage AWS Services

Answer 95

Browser based IDE (Integrated Development Environment) that lets developers write, run, and debug code. Supports popular programming languages such as JavaScript, Python, Ruby, and C++

Answer 96

Central Artifact Repository supports in-house and open source artifacts

Answer 97

Simple Queue Services Allows us to decouple the components of an application so that they are independent SQS is pull-based Multiple components can add and consume messages Messages are processed asynchronously Guaranteed to be processed at least once

Answer 98

Simple Notification Service Set up, operate, and send notifications Can send SMS or email (plain) Pub-sub model - Users must subscribe to a topic

Answer 99

Event-driven architecture, an event is a change in state generated by services like EC2, CloudWatch, and CloudTrail. When an event is triggered it routes to the correct target, such as if EC2 goes down EventBridge is notified, and you can send a job to SNS to notify the support team. Define tasks that can be run on a pre-defined schedule

Answer 100

Standard generally processes messages in order and generally processes one message once each, but neither thing is guaranteed. FIFO is first in first out, every message is processed in order and only once.

Answer 101

Short Polling returns a response immediately even if the message queue being polled is empty, and you pay for these. Long Polling The queue doesn't respond until a message arrives, or the long pole times out and costs less.

Answer 102

Cloud based email service that enables your application to send richly formatted HTML emails. Send bulk emails Track open and click-through rates

Answer 103

Great way to visualize your serverless application Step functions automatically trigger and track each step Step functions log the state of each step, so you can track what went wrong and where.

Answer 104

Used to manage, configure, and provision your AWS Infrastructure as Code Resources defined in a CloudFormation template CloudFormation interprets the template and makes the appropriate API calls to create the resources defined in the template, this is called the CloudFormation Stack. Free to use, you are only charged for the resources created

Answer 105

Allows developers to focus on code Simply upload your application to AWS Elastic Beanstalk will, Provision the infrastructure needed to run your application along with the stack needed to run it. Takes care of capacity, load balancing, auto-scaling and health monitoring No need to worry about configuring the underlying infrastructure needed to run the application. Also handles OS patching and updates and web server used.

Answer 106

Physical data transfer through secure device, not over the internet for at least 10TB to transfer

Answer 107

Physical data transfer through secure device, not over the internet for at least 10TB to transfer and need to perform local compute on the data

Answer 108

Physical data transfer through secure device, not over the internet for at least 10 PetaBytes

Answer 109

Physical data transfer through secure device, not over the internet. Small and portable military grade 8TB HDD or 14TB SSD

Answer 110

Used to migrate your database and analytics workloads to AWS.

Answer 111

Converts from one database schema to another. Such as an Oracle database to AWS Aurora for MySQL.

Answer 112

Allows Business-to-business file transfer using protocols like SFTP, AS2, FTPS and FTP. Files can be transferred in either direction.

Answer 113

High data throughput Automated NFS, SMB shared file systems, object stores pay per GB transfer use cases: Securely migrate all your data to AWS replicate your data using AWS Storage archive historical data to low-cost AWS Storage Support hybrid or multi-cloud workflows

Answer 114

Scans your current setup to develop a migration plan to quickly and easily move to AWS. Gets info on your current: Server inventory Configuration data Operating system version Capacity utilization Inbound and outbound network connections Install an agent on each server to collect the data If using VM a virtual appliance can be deployed on VMware vCenter

Answer 115

Converts your servers to run on AWS, be it local servers, Virtual Machines, another Cloud Provider, or another AWS service in another region. Automated Lift-and-shift Free to use for up to 90 days, you pay for the AWS services you use

Answer 116

Central location to gather appliance and server inventory information. Enables you to access, plan, and track migrations to AWS. Logically group servers together for migration A central place to manage the migration of applications and data into AWS. Integrates with Application Discovery Service, Application Migration Service, and Database Migration Service. Can make recommendations about modernizing your applications. Estimate the cost of your migration

Answer 117

Same thing as RedShift, but with no infrastructure to manage.

Answer 118

A family of services that enables you to collect, process, and analyze streaming data in real time. Data generated continuously by thousands of data sources that typically send in the data records simultaneously and in small sizes (kilobytes). Useful in situations such as: Financial transactions Stock prices Game data (as gamer plays) Social media feeds Location-tracking data IoT sensors Clickstream data Log files

Answer 119

Capture, transform, and load data streams into AWS data stores to enable near real-time analytics with BI tools. Dynamically adjusts resources to handle varying data volumes Processes and delivers data within 60 seconds for timely insights Customize and enhance data with AWS Lambda before loading into permanent storage Integrated monitoring with Amazon CloudWatch and automatic error retries. Use cases: near real-time analytics Data lake feeding log data management IoT data integration

Answer 120

Kinesis Data Streams process streaming data Kinesis Video Streams processes video streams into AWS. Data is retained by default for 24 hours with a maximum of 365 days

Answer 121

Enables you to run standard SQL queries on data stored in S3 An interactive query service Serverless, nothing to provision Pay per query and per TB scanned No need for complex extract/transform/load (ETL) processes Works directly with data stored on S3 Use cases: Query log files stored in S3 Analyze AWS cost and usage reports Generate business reports on data stored in S3 Run queries on click-stream data

Answer 122

Serverless data preparation and integration service for analytics and machine learning Crawls your data and discovers and catalogs your data across multiple sources Performs ETL (Extract, Transform, and Load) and can categorize, clean and remove duplicates. Loads data at the end into AWS services such as RDS, RedShift, S3 or Athena.

Answer 123

Lets you securely exchange data with third party providers on a subscription bases Use case, analyze geographical spending patterns based on user data from mastercard.

Answer 124

Fully managed Big Data Platform (Petabytes) Parallel data processing and analysis for structured, semi-structured and unstructured data. Supports open source technologies like Spark, Hive, Presto, and Hadoop. Use Cases: Genomic data click-stream logs

Answer 125

Fully managed Elasticsearch service based on open-source technology Compatible with industry standard Elasticsearch open-source APIs, Logstash, and Kibana Ingest data from AWS services like CloudWatch Logs, S3, and DynamoDB Use cases: Log Analytics Application Monitoring Security Analytics Business Data Analytics

Answer 126

Kafka is: Widely used open-source technology Build real-time data streaming pipelines Process streams of events from hundreds of event sources Data consumers read the data and process it in the order it was produced With Amazon MSK, Amazon handles the heavy lifting of setting up the Apache Kafka This is very similar to Data streaming, but this allows users to use Apache Kafka

Answer 127

QuickSight is a SaaS model for business analytics Connects to your AWS data sources, as well as on-premises data Create dashboards to gain business insights Use cases: Sales Performance Application traffic data Marketing Campaign analysis

Answer 128

Fully managed Machine Learning Platform Imports your data Helps you prepare your data Build your models or use built in ones Train your model Deploy your model use cases: Recommendation engine identify fraudulent transactions Predict Insurance claims Virtual customer service assistant

Answer 129

An intelligent search service uses natural language processing to query your data customized search to help find answers such as from customer queries data sources can be many things such as S3, RDS, SQL Server, Websites, Google Drive, GitHub, etc Data types can be unstructured and semi-structured and file types such as HTML, XML, PDF, Microsoft Office. Examples: (Simple Fact-based questions) When is the deadline for completing the compliance training? (Descriptive questions) How do I register for the AWS Certified Cloud Practitioner exam?

Answer 130

Lex allows you to build conversational interfaces in your applications using natural language models. Chatbot Seamlessly integrates with AWS Lambda for executing logic Multi-Platform Compatibility, works with mobile devices, web applications, and chat services like Facebook Messenger Speech or Text input Natural language, understanding, understands user intent to deliver a natural conversational experience. Use cases: Virtual Agent and voice assistants Automate FAQs

Answer 131

Generates realistic, natural sounding speech, from text that you provide. You can provide the text in a variety of languages The resulting audio can be streamed, saved, or downloaded Can be used to add natural sounding speech to your applications Supports a variety of languages and voices

Answer 132

Uses Natural Language Processing (NLP) and machine learning to process text Use cases: Sentiment analysis from social media feeds or customer support interactions Identify the language of the provided text Analyze a set of documents to discover the primary topics Improved searching by indexing key phrases, identify sentiment and entities. Management and discovery to organize documents by topic to serve relevant content to customers.

Answer 133

Uses machine learning as a language translation service Quickly translates large volumes of HTML or text content Supports 70+ languages Can customize it to recognize your own brand names, products, and terminology

Answer 134

Uses machine learning as to extract information from any kind of document Can handle printed or handwritten using Optical Character Recognition (OCR) Use cases: Automated ID Processing Analyzing Invoices

Answer 135

Uses machine learning as a speech to text service Can handle streamed audio or audio files use case: subtitles or meeting notes

Answer 136

Analyses images and videos to identify text, objects and people. Use cases: Content moderation to identify harmful or offensive images Identify verification Identify objects and text in images

Answer 137

Allow you to sort and visualize your cloud resources on AWS. Key/Value pair (Key: Environment, Value: Production)

Answer 138

Used to create resource groups on AWS, on premises, or on other cloud platforms Take automated actions on resource groups View aggregated operational data of resource groups

Answer 139

Can securely store sensitive data such as; passwords, database strings and license keys

Answer 140

View the status of services and regions relevant to the workloads running in your AWS Account.

Answer 141

Leverage the AWS Health API if you are building a custom observability application that sees the same information as AWS Health Dashboard.

Answer 142

One-stop shop for best practice advice covers: Performance Cost optimization Fault tolerance Service limits Operational Excellence Security Some basic advice is free, but more advice comes with a cost.

Answer 143

Can use pre-defined recommendations or create custom rules to check your configurations across your AWS accounts. Detects non-compliant resources and alerts administrators in the console but does NOT prevent them, that would be IAM Does not enforce standards, but audits adherence.

Answer 144

Centralize audit data from AWS Config and security services Find root causes of noncompliance and generate reports Provides pre-build audit frameworks to meet industry standards such as: HIPAA NIST Cybersecurity AWS Operational Best Practices

Answer 145

The AWS Well-Architected Tool access your workloads, learns about best practices, and generate action plans.

Answer 146

Allows you to create a call center in the cloud

Answer 147

Amazon Workspaces provisions remote desktops for dispersed employees.

Answer 148

Converts applications to software-as-a-service for employees or end users. Is a fully managed, secure application streaming service that allows users to stream desktop applications to their devices without needing to install or manage them locally, providing instant access and a responsive user experience

Answer 149

Can: Identify resources with external access Validate IAM Policies Generate IAM Policies based on usage

Answer 150

Test new IAM policies before granting them to users, user groups, and roles.

Answer 151

Searches your S3 buckets for PII (Personally Identifiable Information)

Answer 152

Provides on-demand, scalable computing capacity in the Amazon Web Services (AWS) Cloud. You can use Amazon EC2 to launch as many or as few virtual servers as you need, configure security and networking, and manage storage. You can add/decrease capacity (scale up/scale down) to handle changing demands. An EC2 instance is a virtual server in the AWS Cloud.

Answer 153

AWS Key Management Service (AWS KMS) is an AWS managed service that makes it easy for you to create and control the encryption keys that are used to encrypt your data.

Answer 154

Allows you to provision, deploy, and automatically renew public or private SSL/TLS certificates for use with HTTPS.

Answer 155

Secrets Manager adds another layer of security by enabling automatic rotation of your secrets.

Answer 156

Network firewalls not only filters based on origin, but can also define complex rules to inspect traffic within your VPCs.

Answer 157

AWS WAF protects your web applications from common exploits such as SQL injections and cross-site scripting.

Answer 158

Shield Standard protects your AWS resources from DDoS at no extra cost Shield Advanced provides expanded protection, and access to a 24/7 DDoS response team.

Answer 159

AWS Firewall Manager helps you administer your network security from a single service. Lets you manage your Network Firewall, AWS WAF, and AWS Shield from one location

Answer 160

Aggregates findings across your AWS ecosystem. Prioritizes security events and determines the best way to take action. Integrates nicely with AWS Organizations to centralize security alerts and compliance status across multiple accounts

Answer 161

Collects activity logs from around AWS and uses machine learning to intelligently detect threats. Detects active threats

Answer 162

Amazon Detective uses machine learning to help you investigate security events, both the cause and the severity. Investigates security events after they have occurred

Answer 163

Inspector continuously scans your workloads for software vulnerabilities and network exposure. Detects workload vulnerabilities

Answer 164

AWS Control Tower automates account creation and the application of best-practice config rules and SCPs (Service Control Policies) Helps handling multiple accounts in one organization and pulling existing accounts into your organization

Answer 165

Service Control Policies prevent actions

Answer 166

Download AWS security and compliance documents, provide them to regulators, and inform your cloud architecture. Prove your application is compliant with things such as HIPPA

Answer 167

AWS STS enables you to request temporary credentials for users such as auditors

Answer 168

Reserve capacity of a particular instance type for a significantly discounted hourly rate.

Answer 169

Reserve capacity but retain flexibility on what instance types to use, resulting in a smaller overall discount.

Answer 170

Reserve a particular instance type, but only during defined time windows, resulting in a moderate discount.

Answer 171

Discount compute up to 90% by using spot instances ONLY if you have flexibility for when your workloads run, as they can start and stop at any point.

Answer 172

Compute Optimizer uses machine learning to analyze your CloudWatch utilization metrics, and provides right-sizing recommendations for your EC2 instances.

Answer 173

Examines all S3 buckets across your organization and give you storage class change recommendations you can make across your organization.

Answer 174

Pricing Calculator allows you to assess your potential cloud costs. You provide your services and configurations, the Pricing Calculator produces a cost estimate breakdown.

Answer 175

AWS Budgets allows you to set customized budgets and receive SNS alerts when you exceed your thresholds. You can also define automated cost saving responses and create reports.

Answer 176

Cost Explorer is a dashboard where you can gain insights on your AWS usage and projected spend. Filter costs by attributes such as service or region. Create custom visual reports and drill down for detailed analysis.

Answer 177

Cost and Usage Reports give you the most detailed data on your cost and usage history. Generate reports, store them in S3, and analyze them to gain insights on per-resource cost data.

Answer 178

Billing Conductor allows you to create billing groups within your AWS Organization. Distribute bulk discounts across billing groups and set custom pricing rates.

Answer 179

Trusted Advisor free checks AWS Health dashboard Access to customer service and documentation

Answer 180

$29/month Everything from Basic Support: Trusted Advisor free checks AWS Health Dashboard Access to customer service and documentation Plus: Receive general guidance within 12–24 hours depending on severity

Answer 181

$100/month Everything from Basic Support: AWS Health Dashboard Access to customer service and documentation Plus: Trusted Advisor upgraded to full set of checks Receive contextual guidance within 1–24 hours depending on severity 24/7 access to phone, web, or chat support team Important to remember for test, this is the lowest level that has phone and chat support. As well as the full set of Trusted Advisor checks.

Answer 182

$5,500/month Receive contextual guidance within 30 mins to 24 hours depending on severity 24/7 access to phone, web, or chat support team Limited consultative review and guidance Proactive guidance from a pool of Technical Account Managers Concierge access to billing issues Important to remember for test, both Enterprise levels are needed for concierge billing assistance and guidance from Technical Account Managers.

Answer 183

$15,000/month Receive contextual guidance within 30 mins to 24 hours depending on severity 24/7 access to phone, web, or chat support team Unlimited consultative review and guidance Proactive guidance from a designated Technical Account Managers Proactive support in managing billing Important to remember for test, both Enterprise levels are needed for concierge billing assistance and guidance from Technical Account Managers.

Answer 184

Find AWS Certified freelancers and consultants.

Answer 185

Pre-configured security and operations management service.

Answer 186

A team of AWS experts. These are consultants that work for AWS.

Answer 187

Support and exclusive offers for startups.