Cloud Computing

Question 1

What is cloud computing?

Answer 1

Cloud Computing is the on-demand delivery of compute, database, storage, application, and other IT resources.

Question 2

Name the 5 pillars of a Well-Architected Framework

Answer 2

1. Cost Optimization
2. Reliability
3. Operational Excellence
4. Performance Efficiency
5. Security

Question 3

Define a Well-Architected Framework

Answer 3

This framework helps Cloud Architects build secure, fault-resilient, efficient, high-performing IT infrastructure

Question 4

What are the 6 major advantages of cloud computing?

Answer 4

1. Trade capital expense for variable expense
2. Benefit from massive economics of scale
3. Stop guessing about capacity
4. Increase speed & agility
5. Stop spending money running & maintaining datacentres

Question 5

Name 3 types of Cloud Computing;

“___ as a Service”

Answer 5

1. Software as a service (SaaS) - Completed product ran & managed by a service provider (GMail)
2. Infrastructure as a Service (IaaS) - Building blocks for cloud IT (Physical server)
3. Platform as a Service (PaaS) - Deploy & manage apps without worrying about hardware infrastructure (Godaddy, Shopify)

Question 6

Name 3 Types of Cloud Computing Deployments

Answer 6

1. Cloud - Fully deployed on the Cloud
2. Hybrid - Mix of cloud & on-prem
3. On-Premises - Own data centre

Question 7

Virtual Network

Answer 7

VPC

Question 8

Virtual server

Answer 8

EC2 - Elastic Cloud Computing

Question 9

Balance incoming traffic loads

Answer 9

Elastic Load Balance (ELB)

Question 10

Object storage

Answer 10

S3 - Simple Storage Solution

Question 11

Speedy websites - uses Edge Locations

Answer 11

CloudFront

Question 12

Templates to form cloud services

Answer 12

CloudFormation

Question 13

Track trails of action/audit logs

Answer 13

CloudTrail

Question 14

Watch/Monitor AWS

Answer 14

CloudWatch

Question 15

Route domains to services/IPs

Answer 15

Route 53

Question 16

Block storage/ Virtual drive

Answer 16

Elastic Block Store

Question 17

Relational Database (Aurora, Redshift)

Answer 17

RDS = Relational Database Service

Question 18

Non-relational DB (No SQL)

Answer 18

DynamoDB

Question 19

Business Intelligence (RDS)

Answer 19

Redshift

Question 20

Serverless code

Answer 20

Lambda

Question 21

Provide access

Answer 21

IAM - Identity & Access Management

Question 22

Web App Firewall

Answer 22

WAF

Question 23

DDoS Protection

Answer 23

Shield

Question 24

Automated security assessment for EC2

Answer 24

Inspector

Question 25

Optimize infrastructure (performance, cost optimization, fault tolerance)

Answer 25

Trusted Advisor

Question 26

Billing BDBE - TAM

Answer 26

- Basic (Free) - Developer ($29 per month) - Business ($100 per month) - Enterprize ($15 000 per month & TAM)

Question 27

Design principles: CROPS

Answer 27

``` C - Cost Optimization R - Reliability O - Operational Excellence P - Performance S - Security ```

Question 28

Relational Database - SQL

Answer 28

RDS - Aurora | Redshift (data warehouse, business intelligence)

Question 29

Non-relational Database - No SQL

Answer 29

Lots of data but no links between the data DynamoDB (No SQL)

Question 30

Dynamically monitors & can react to changes / triggers

Answer 30

CloudWatch

Question 31

Audit logs

Answer 31

CloudTrail

Question 32

Gateway to connect to on-prem with cloud

Answer 32

Storage Gateway

Question 33

Transfer huge amounts of data to AWS

Answer 33

Snowball

Question 34

AWS is responsible for security __ the cloud. | The customer is responsible for security __ the cloud.

Answer 34

AWS is responsible for security OF the cloud. | The customer is responsible for security IN the cloud.

Question 35

Shared Responsibility Model: Customer: - CD - P, A, IAM - OS, N & FC Encryption: CS Data SS NTP

Answer 35

Customer is responsible for security IN the cloud - Customer Data - Platform, Apps, Identity & Access Management - Operating System, Network & Firewall Config Encryption: Customer-Side Data Encryption & Integrity Server-Side Encryption Network Traffic Protection

Question 36

Shared Responsibility Model AWS: S - C, S, DB, N H & GI - R, AZ, EL

Answer 36

AWS is responsible for security OF the cloud Software - Compute, Storage, Database, Networking Hardware & Global Infrastructure - Regions, Availability Zones, Edge Locations

Question 37

SRM Shared Controls PM, CM, A&T

Answer 37

Patch Management Config Management Awareness & Training

Question 38

What is fully controlled by AWS? What is fully controlled by Customer?

Answer 38

AWS - Physical & Environmental Controls Customer - Service & Comms Protection/Zone Security

Question 39

What re the 5 security pillars of AWS Well-Architected Framework? - DC - IAM - IP - DP - IP

Answer 39

- Detective Controls - Identity & Access Management - Infrastructure Protection - Data Protection - Incident Response

Question 40

AWS Cloud Compliance? - C & A - L, R, P - A & F

Answer 40

- Certificates & Attestations - Laws, Regulations, Privacy - Alignments & Frameworks

Question 41

Allows you to provide very granular access permissions to resources within the infrastructure.

Answer 41

Identity & Access Management

Question 42

Protects your web app from common web exploits that could compromise security, availability & resource consumption of your AWS infrastructure

Answer 42

Web App Firewall | WAF

Question 43

Protects your wen apps from DDoS attacks with an always-on detection & auto handling of any potential DDoS attcks

Answer 43

AWS Shield

Question 44

An automated security assessment service to help improve security and compliance of apps deployed on the Cloud

Answer 44

Inspector

Question 45

Helps you optimize your environment by reducing cost, increasing performance & improving security

Answer 45

Trusted Advisor

Question 46

Name 3 ways to access AWS

Answer 46

- AWS Management Console - Command Line (CL) - Software Developer Kit (SDK)

Question 47

Provides safe, secure, highly-scalable object based storage on the cloud

Answer 47

Amazon S3 - Simple Storage Solution

Question 48

With S3, what is CRR (Cross-Region Replication)

Answer 48

For redundancy, you can have contents replicated automatically

Question 49

What is the availability & durability of S3?

Answer 49

Availability is 99.99% Durability is 99,.999999999& (eleven 9s)

Question 50

What is the data consistency mode for S3? - RAW - EC

Answer 50

- Read-After-Write Consistency | - Eventual Consistency

Question 51

Name the 4 Storage Classes of S3: - S - S-IA - OZ-IA - G

Answer 51

- Standard - Standard - Infrequently Accessed - Onezone - Infrequently Accessed - Glacier

Question 52

What are the 3 retrieval options if Glacier (S3)? - ER - SR - BR

Answer 52

- Expedited Retrieval (few mins) - Standard Retrieval ( 3 - 5 hours) - Bulk Retrieval (5 - 12 hours)

Question 53

You can upload unlimited no. of files up to 5TB each in size. But you are charged for some things: - S - Rq - Rt - ED - SM - DT - TA - BW

Answer 53

- Storage - Requests - Retrievals - Early deletes - Storage Management - Data Transfer - Transfer Acceleration - Bandwidth

Question 54

What are the 2 types of Encryption? ``` CS Encryption SS Encryption - S3 MK - KMS - CPK ```

Answer 54

Client Side Encryption Server Side Encryption - S3 Managed Keys - Key Management System - Customer Provided Key

Question 55

What is the default access control on S3?

Answer 55

All buckets & objects are set to be private

Question 56

What is a PETABYTE-scale data migration solution to transport A LOT of data from your on-prem environment into the AWS cloud?

Answer 56

Amazon Snowball A physical device is mailed to you, once you've transferred the data you ship it back & the data will be transferred into S3

Question 57

Name 4 common use cases for Amazon Snowball - CM - DR - DC D - CD

Answer 57

- Cloud Migration - Disaster Recover - Data Centre Decom - Content Distribution

Question 58

List the 3 types of Snowball & their sizes

Answer 58

- Snowball (50 TB / 80 TB) - Snowball Edge (100 TB) - Snowmobile (100 PB) - truck

Question 59

What are the 4 tiers to AWS Support Plans and monthly pricing?

Answer 59

- Basic (Free) - Developer ($29 per month) - Business ($200 per month) - Enterprize ($15 000 per month & TAM)

Question 60

What are the 4 types of charges for AWS Support Plans? C S DO

Answer 60

- Compute - Storage - Data Out

Question 61

Cost Calculators 1. Calculates the cost of your entire AWS infrastructure to get a monthly bill? 2. Analyze costs & usage data to identify trends, cost drivers & detect anomalies? 3. Compare total cost of running your infrastructure on-prem vs on AWS?

Answer 61

1. AWS Simple Monthly Calculator 2. AWS Cost Explorer 3. Total Cost of Ownership Calculator (TCO)

Question 62

Name the 5 best practices of Trusted Advisor: - CO - FT - P - SL - S

Answer 62

- Cost Optimization - Fault Tolerance - Performance - Service Limits - Security

Question 63

Name the 5 types of Compute ``` E E E E L ```

Answer 63

``` EC2 - Elastic Cloud Computing EFS - Elastic File System Elastic Beanstalk Elastic Load Balancing Lambda ```

Question 64

Name 5 types of storage offered in AWS ``` E E S S SG ```

Answer 64

``` EBS - Elastic Block Storage Elastic File System S3 - Simple Storage Solution Snowball (Data migration) Storage Gateway (Connects on-prem to cloud) ```

Question 65

Name 4 types of AWS Databases: D DDB RDS R

Answer 65

AWS Databases DynamoDB Relational Database (RDS) Redshift (Data Warehouse)

Question 66

Name the 3 Networking & Content Delivery available on AWS CF R53 V

Answer 66

CloudFront Route 53 Virtual Private Cloud (VPC)

Question 67

Name the 6 security services offered by AWS: ``` IAM I SRM S TA W ```

Answer 67

- Identity & Access Management - Inspector - Shared Responsibility Model - Shield - Trusted Advisor - WAF (Web App Firewall)

Question 68

AWS Storage Gateway is a hybrid cloud storage service that gives you on-prem access to virtually unlimited cloud storage. Name the 3 types of gateways

Answer 68

Tape Gateway - Backup & restore (virtual tape) File Gateway - For hybrid cloud workloads Volume Gateway - Disaster Recovery on AWS

Question 69

A cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS.

Answer 69

AWS Direct Connect