Cloud Practitioner

Question 1

AWS Management Code

Answer 1

Provides a web interface that can be used to access your VPC

Question 2

AWS Command Line Interface (AWS CLI)

Answer 2

Provides Commands for a broad range of AWS services, such as VPC

Question 3

AWS SDK (Software Development Kit)

Answer 3

Provides language-specific APIs and takes care of many of the connection details, such as calculating signatures, handling request retries, and error handling.

Question 4

Query API

Answer 4

Provides low-level API actions that you call using HTTPS requests. Using the Query API is the most direct way to access Amazon VPC, but it requires that your application handle low-level details such as generating the hash to sign the request, and error handling.

Question 5

Scalability

Answer 5

Scaling Horizontally – an increase in the number of resources
Scaling Vertically – an increase in the specifications of an individual resource

Question 6

Disposable Resources Instead of Fixed Servers

Answer 6

Instantiating Compute Resources – automate setting up of new resources along with their configuration and code

Infrastructure as Code – AWS assets are programmable. You can apply techniques, practices, and tools from software development to make your whole infrastructure reusable, maintainable, extensible, and testable.

Question 7

Automation

Answer 7

Serverless Management and Deployment – being serverless shifts your focus to automation of your code deployment. AWS handles the management tasks for you.

Infrastructure Management and Deployment – AWS automatically handles details, such as resource provisioning, load balancing, auto scaling, and monitoring, so you can focus on resource deployment.

Alarms and Events – AWS services will continuously monitor your resources and initiate events when certain metrics or conditions are met.

Question 8

Loose Coupling

Answer 8

Well-Defined Interfaces – reduce interdependencies in a system by allowing various components to interact with each other only through specific, technology agnostic interfaces, such as RESTful APIs.

Service Discovery – applications that are deployed as a set of smaller services should be able to be consumed without prior knowledge of their network topology details. Apart from hiding complexity, this also allows infrastructure details to change at any time.

Asynchronous Integration – interacting components that do not need an immediate response and where an acknowledgement that a request has been registered will suffice, should integrate through an intermediate durable storage layer.

Question 9

Services, Not Servers

Answer 9

Managed Services – provide building blocks that developers can consume to power their applications, such as databases, machine learning, analytics, queuing, search, email, notifications, and more.

Serverless Architectures – allow you to build both event-driven and synchronous services without managing server infrastructure, which can reduce the operational complexity of running applications.

Question 10

Databases

Answer 10

Relational Databases provide a powerful query language, flexible indexing capabilities, strong integrity controls, and the ability to combine data from multiple tables in a fast and efficient manner.

NoSQL Databases is a more flexible data model that seamlessly scales horizontally. It uses a variety of data models, including graphs, key-value pairs, and JSON documents, and are widely recognized for ease of development, scalable performance, high availability, and resilience.

Data Warehouses are a specialized type of relational database, which is optimized for analysis and reporting of large amounts of data.

Graph Databases uses graph structures for queries.

Search Functionalities

Question 11

Managing Increasing Volumes of Data

Answer 11

Data Lake – an architectural approach that allows you to store massive amounts of data in a central location so that it’s readily available to be categorized, processed, analyzed, and consumed by diverse groups within your organization.

Question 12

Removing Single Points of Failure

Answer 12

Standby redundancy – when a resource fails, functionality is recovered on a secondary resource with the failover process. The failover typically requires some time before it completes, and during this period the resource remains unavailable. This is often used for stateful components such as relational databases.

Active redundancy – requests are distributed to multiple redundant compute resources. When one of them fails, the rest can simply absorb a larger share of the workload.

Detect Failure – use health checks and collect logs

Durable Data Storage
Synchronous replication – only acknowledges a transaction after it has been durably stored in both the primary storage and its replicas. It is ideal for protecting the integrity of data from the event of a failure of the primary node.

Asynchronous replication – decouples the primary node from its replicas at the expense of introducing replication lag. This means that changes on the primary node are not immediately reflected on its replicas.

Quorum-based replication – combines synchronous and asynchronous replication by defining a minimum number of nodes that must participate in a successful write operation.

Automated Multi-Data Center Resilience – utilize AWS Regions and Availability Zones (Multi-AZ Principle). (See Disaster Recovery section)

Fault Isolation and Traditional Horizontal Scaling – Shuffle Sharding

Question 13

Optimize for Cost

Answer 13

Right Sizing – AWS offers a broad range of resource types and configurations for many use cases.

Elasticity – save money with AWS by taking advantage of the platform’s elasticity.

Take Advantage of the Variety of Purchasing Options – Reserved Instances vs Spot Instances

Question 14

Caching

Answer 14

Application Data Caching – store and retrieve information from fast, managed, in-memory caches.

Edge Caching – serve content by infrastructure that is closer to viewers, which lowers latency and gives high, sustained data transfer rates necessary to deliver large popular objects to end users at scale.

Question 15

Security

Answer 15

Use AWS Features for Defense in Depth – secure multiple levels of your infrastructure from network down to application and database.

Share Security Responsibility with AWS – AWS handles security OF the Cloud while customers handle security IN the Cloud.

Reduce Privileged Access – implement Principle of Least Privilege controls.

Security as Code – firewall rules, network access controls, internal/external subnets, and operating system hardening can all be captured in a template that defines a Golden Environment.

Real-Time Auditing – implement continuous monitoring and automation of controls on AWS to minimize exposure to security risks.

Question 16

Decouple your components

Answer 16

the key concept is to build components that do not have tight dependencies on each other so that if one component were to fail for some reason, the other components in the system will continue to work. This is also known as loose coupling. This reinforces the Service-Oriented Architecture (SOA) design principle that the more loosely coupled the components of the system are, the better and more stable it scales.

Question 17

Think parallel

Answer 17

This internalizes the concept of parallelization when designing architectures in the cloud. It encourages you to implement parallelization whenever possible and to also automate the processes of your cloud architecture.

Question 18

Design for failure

Answer 18

This concept encourages you to be a pessimist when designing architectures in the cloud and assume that the components of your architecture will fail. This reinforces you to always design your cloud architecture to be highly available and fault-tolerant.

Question 19

Implement elasticity

Answer 19

This principle is implemented by automating your deployment process and streamlining the configuration and build process of your architecture. This ensures that the system can scale in and scale out to meet the demand without any human intervention.

Question 20

AWS Inspector

Answer 20

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications

Question 21

AWS Device Farm

Answer 21

AWS Device Farm is an application testing service that lets you improve the quality of your web and mobile apps

Question 22

AWS Mobile Hub

Answer 22

AWS Mobile Hub is a service that enables even a novice to easily deploy and configure mobile app backend features

Question 23

AWS Ground Station

Answer 23

This service is for controlling satellite communications and processing data using satellites.

Question 24

Amazon Lumberyard

Answer 24

this is a game engine service for creating games.

Question 25

AWS Security Bulletin

Answer 25

this AWS service is a security announcement provider service.

Question 26

Multi Threading

Answer 26

A technique by which a single set of code can be used by several processors at different stages of execution.

Question 27

AWS Control Tower

Answer 27

For customers who want to create or manage their multi-account AWS environment with best practices

Question 28

Amazon Elastic File System (Amazon EFS)

Answer 28

provides simple, scalable file storage for use with Amazon EC2

storage capacity is elastic, growing and shrinking automatically as you add and remove files

simple web services interface that allows you to create and configure file systems quickly and easily.

Question 29

Amazon Relational Database Service (Amazon RDS)

Answer 29

easy to set up, operate, and scale a relational database in the cloud.

cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups.

fast performance, high availability, security, and compatibility

Question 30

Amazon Simple Storage Service (Amazon S3)

Answer 30

Secure, durable, and highly-scalable object storage at a very low cost

store and retrieve any amount of data, at any time, from anywhere on the web through a simple web service interface.

.

Question 31

Amazon S3 Glacier Instant Retrieval

Answer 31

low-cost storage service that provides highly secure, durable, and flexible storage for data archiving and online backup.

Question 32

Well-Architected Framework

Answer 32

1. Operational Excellence
2. Security
3. Reliability
4. Performance Efficiency
5. Cost Optimization
6. Sustainability

Question 33

AMI (Amazon Machine Image)

Answer 33

A template that contains software configuration (Operating system)

Question 34

Internet gateway

Answer 34

a VPC component that enables your servers in the public subnet to communicate with the public Internet.

Question 35

AWS Elastic Beanstalk

Answer 35

this service is just a platform where you can easily deploy applications and the service handles the infrastructure provisioning process for you.

Question 36

IAAS- Infrastructure as a Service

Answer 36

contains the basic building blocks for cloud IT and typically provides access to networking features, computers (virtual or on dedicated hardware), and data storage space.

Question 37

PaaS- platform as a service

Answer 37

PaaS services include AWS Elastic Beanstalk, which provides you a platform to launch your applications, while the service prepares all the necessary infrastructure to run your application.

Question 38

SaaS- software as a service

Answer 38

Software as a Service provides you with a completed product that is run and managed by the service provider. With a SaaS offering, you do not have to think about how the service is maintained or how the underlying infrastructure is managed.

Question 39

DBaaS- database as a service

Answer 39

A managed database service.

Question 40

Amazon DynamoDB

Answer 40

a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. DynamoDB lets you offload the administrative burdens of operating and scaling a distributed database

Question 41

Amazon Redshift

Answer 41

this is a data warehousing service that is specifically designed for online analytic processing (OLAP) and business intelligence (BI) applications

Question 42

S3 Glacier Flexible Retrieva

Answer 42

archiving data that might infrequently need to be restored, once or twice per year, within a few hours

Question 43

S3 Glacier Deep Archive

Answer 43

archiving long-term backup cycle data that might infrequently need to be restored within 12 hours

Question 44

Amazon EBS

Answer 44

this is a type of block storage that is not suitable to be used for database backups. It is also more expensive than S3 Glacier Flexible Retrieval.

Question 45

Amazon Chime

Answer 45

high-quality communications service that transforms online meetings with an easy-to-use app that works seamlessly across all your devices.

Question 46

Amazon Connect

Answer 46

an easy-to-use omnichannel cloud contact center that helps companies provide superior customer service across voice, chat, and tasks at a lower cost than traditional contact center systems.

Question 47

AWS Transfer Family

Answer 47

this tool is used for recurring business-to-business file transfers to Amazon S3 and Amazon EFS using SFTP, FTPS, and FTP protocols.

Question 48

AWS Marketplace

Answer 48

this is a sales channel for ISVs and Consulting Partners to sell their solutions to AWS customers.

Question 49

Amazon Workspaces

Answer 49

this is a fully managed desktop virtualization service for Windows and Linux

Question 50

Amazon Aurora

Answer 50

this is a MySQL and PostgreSQL-compatible relational database

Question 51

Amazon ElastiCache

Answer 51

This is a fully managed caching service

Question 52

Global services

Answer 52

IAM, STS, Route 53, CloudFront and WAF

Question 53

Regional Services

Answer 53

EC2 Instance and EBS Volumes, Amazon EFS and AWS Batch.