Cloud Practitioner

Question 1

define what the AWS cloud is.

Answer 1

on demand delivery of IT resources and applications via the internet

Question 2

What are the benefits of Cloud services?

Answer 2

Reduce risk, scalablility, agile

Question 3

How does Cloud computing reduce risks?

Answer 3

Being Agile and being able to learn and adapt quickly to change

Question 4

How do you reduce your security risks?

Answer 4

Test often, patch quickly, and respond to incidences at lightning speeds.

Question 5

What does scalablity mean in AWS terms?

Answer 5

Resize your resources as necessary

Question 6

What does scalablity mean in AWS terms?

Answer 6

Resize your resources as necessary

Question 7

How does Cloud computing increase agility?

Answer 7

3 main factors in agility: increasing speed, ease of experimentation, cultivating culture of innovation

Question 8

Where are aws buildings

Answer 8

all over the world

Question 9

What does elasticity mean in AWS terms?

Answer 9

ability to scale up or down resources easily. Quickly deploy application or shut down.

Question 10

What does reliablity mean in AWS terms?

Answer 10

Ability to recover from infrastructure or service failures. Mitigate disrubtions

Question 11

How to make your resources maintain reliability?

Answer 11

Store your instances in multiple different aws availability zones instead of only one zone where if disaster occurred then all your resources are also down.

Question 12

What does fault tolerance mean?

Answer 12

means a system can remain functional even if some of its components fail. built in redundancy

Question 13

What is AWS data security

Answer 13

users have complete ownership of their own data.. and also how you handle encryption and who holds the encryption keys. and regional data compliance requirements

Question 14

Why is AWS security world class?

Answer 14

electronic surveillance,
multi-factor access controls, 24/7 security guards, access strictly regulated. minimize disruptions to systems, availability zones allow users to remain resilient.

Question 15

What cloud based products does AWS offer?

Answer 15

Compute, Storage, Databases, Analytics, Networking, Mobile, Developer tools, Management tools, IOT (internet of things), security, and enterprise applications

Question 16

How does the AWS products help users?

Answer 16

Mover faster, Lower IT costs, and scale

Question 17

list 6 aws core services

Answer 17

Amazon Elastic Cloud Compute (EC2),
Amazon Elastic Block Store (EBS),
Amazon Simple Storage Service (S3), 
AWS Global Infrastructure,
Amazon Virtural Private Cloud (VPC),
Security Groups.

Question 18

What is EC2?

Answer 18

Elastic Compute Cloud

Question 19

What does Compute refer to in EC2?

Answer 19

represents the servers, ie, application servers, Web servers, database servers, game servers, mail servers, media servers, catalog servers, file server, computing server, proxy server, ect.

Question 20

What does Cloud refer to in EC2?

Answer 20

the fact that these are cloud hosted services

Question 21

What does Elastic refer to in EC2?

Answer 21

the scalablity if properly configured, and it will do so automatically depending on the needs at the moment

Question 22

what are the “servers “ AWS provides reffered to as?

Answer 22

Amazon EC2 Instances

Question 23

What are instances?

Answer 23

They are pay as you go, have a broad selection of HW/SW, available global hosting

Question 24

What are the steps to build and configure and EC2 instance?

Answer 24

Login in to AWS, Console,
Choose a region,
Launch EC2 Wizard,
Select AMI (SW),
Select instance type, (HW)
Configure network,
Configure storage,
Configure Key pairs,
Then finally launch and connect to it.

Question 25

What kinda choices do you have for AMIs?

Answer 25

Stands for Amazon Machine Image.

Options are pre-made images (basics linux, windows, ect), OR third party images, OR install ur own images as SW

Question 26

What is a DHCP address?

Answer 26

Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (that is, a scope) configured for a given network

Question 27

What does EBS stand for?

Answer 27

Elastic Block Storage

Question 28

What can EBS be used for?

Answer 28

Storage for ur EC2 instances, usually used whenever your needing disk space for ur instances

Question 29

Why is EBS more durable then typical HDD or SDD?

Answer 29

The block level replication. so you can use something basic for ur OS, but something faster like SDD for your seconday storage for Database so it may perform faster.
Lastly Snapshot feature allows you to save different versions of what you are running in different periods of time.

Question 30

Can you encrypt your data that goes between your EC2 and EBS?

Answer 30

Yes using Encryption capabilities that amazon provides.

Encryption occurs on the EC2 side.

Question 31

to connect an EC2 instance to an EBS what must one make sure of ?

Answer 31

that the instance and the block are in the same Availability Zone

Question 32

what is the command to tell what EBS blocks that are attached to your instance?

Answer 32

lsblk will show the disks

Question 33

how do you create a file system on the newly attached EBS?

Answer 33

sudo mke2fs /location/storagename

Question 34

how do you mount the new created folder into the machine?

Answer 34

sudo mount /loc/mountpoint /folder.

Question 35

what are the steps to attach and EBS to an EC2 instance?

Answer 35

Create, Attach, Format

Question 36

How do your remove an EBS from an EC2 instance?

Answer 36

give the command unmount /folder.
Then go back to AWS console, click on EC2 dashboard, click volumes, select the volume and detach the volume from the instance

Question 37

Why are tags important?

Answer 37

they help identify where your usage and costs are coming from when analyzing your ASW bill

Question 38

What are the benefits of using EC2 instances compared to physical servers

Answer 38

Pay as you go,

Ability to have different storage requirements

Question 39

What does Amazon S3 stand for?

Answer 39

Simple storage service

Question 40

Describe amazon S3

Answer 40

its a already managed cloud storage service, that doesn’t require you to add infrastructure.
Unlimited # of objects able to be stored.
Any objects types allowed.
Any time access.
Security controls.

Question 41

For putting objects in storage in S3, what is a common practice to write the keys?

Answer 41

with a name that resembles a file path

Question 42

which amazon service automatically backs up your data in storage faculties in the same region?

Answer 42

Amazon S3

Question 43

how would you create a url to access data from anywhere using S3?

Answer 43

https://bucket_name/S3_region-specific_endpoint/object_key

Question 44

what are two requirements for bucket names in S3?

Answer 44

Globally unique,

and DNS compliant

Question 45

what are some usecases for S3?

Answer 45

Storing Application Assets,
Static Web Hosting,
Backup & Disaster Recovery,
Staging area for Big Data

Question 46

how would you copy data over to your S3 in the AWS CLI?

Answer 46

aws s3 cp thingcopied.txt s3://bucket_name/object_name

Question 47

how would you copy data over to your S3 in the AWS CLI?

Answer 47

aws s3 cp thingcopied.txt s3://bucket_name/key_name

Question 48

how would you sync data over to your S3 in the AWS CLI?

Answer 48

aws s3 sync somefolder s3://bucket_name/key_name

Question 49

What are the 3 topics The AWS global infustructure can be broken down into?

Answer 49

AWS regions,
Availability Zones,
Edge Locations

Question 50

What are AWS regions?

Answer 50

they are geographic areas that store 2 or more Availability zones

Question 51

When choosing a region what should you consider?

Answer 51

which regions help optimize latency while minimizing costs, and adhering to regulatory requirements (GDPR, HIPAA, PCI DSS)

Question 52

What are Availability zones?

Answer 52

they are a collection of data centers in a specific region . Each centers are completely separate from each other but connected by a low latency network

Question 53

What are AWS edge locations?

Answer 53

they host a content delivery network (cdn) called “Amazon Cloud Front”.
It is used to deliver content to ur customers.

Question 54

Describe Amazon VPC

Answer 54

virtual private cloud is designed to meet ur networking requirements. same concepts as an on premise network. complete control of configuration. control over traffic

Question 55

which services does VPC integrate well with?

Answer 55

EC2, Relational database service, ect

Question 56

what are some features of VPC?

Answer 56

Bulits upon high availablity of AWS regions and Availability zones,
Subnets,
Route Tables,
Internet Gateway (IGW),
NAT Gateway,
Network Access Control Lists (NACL)

Question 57

What are security groups?

Answer 57

they act like a built in firewall , control accessibility to instances

Question 58

what port is http?

Answer 58

port 80

Question 59

what is port https?

Answer 59

port 443

Question 60

what source would you use to accept traffic from anywhere on the internet?

Answer 60

0.0.0.0/0

Question 61

what ways can you edit your security group rules?

Answer 61

by traffic type, protocols, port ranges, and source

Question 62

what is best practice for traffic rules?

Answer 62

to know what traffic is needed to access data and to limit traffic to only those channels

Question 63

What is the application load balancer?

Answer 63

the second type of load balancer, introduced as part of the Elastic load balancing service. Enhanced Features include: supported protocols, Cloudwatch metrics, access logs, health checks

Question 64

why use the application load balancer?

Answer 64

1) use a container to host ur microservices and route to those applications from a single load balancer.
app load balancer allows you to route different requests to the same instances But differ the path based on the port

Question 65

With application load balancers what are Listeners?

Answer 65

is a process that checks for connection requests using the protocal and port that you configure. the rules that you define for a listener determine how the load balancer routes requests to the targets in one or more target groups.

Question 66

With application load balancers what are Targets?

Answer 66

is a destination for traffic based on the established listener rules.

Question 67

With application load balancers what are target groups?

Answer 67

Each target group routes requests to one or more registered targets using the protocol and port # specified. A target can be registered with multiple target groups. health checks can be configured on a per target group basis.

Question 68

what steps are needed to use an application load balancer?

Answer 68

Launching the application load balancer.
Configuring routing.
Registering targets.
Verifying operation of the Application Load balancer.

Question 69

what are the challenges of a stand alone relational database?

Answer 69

Server maintenance and energy footprint.
Software install and patches.
Database backups and high availability.
Limits on scalability.
Data security.
OS install and patches.

Question 70

what does Amazon RDS manage? what do you manage?

Answer 70

you manage: application optimization.
AWS manages: 
OS installation and patches.
Database software install and patches.
Database backups.
High availability.
Scaling.
Power and rack & stack.
Server maintenance.

Question 71

In RDS what is a database instance?

Answer 71

an isolated database environment that can contain multiple user created Databases and can be access by the usual ways.

Question 72

What is RDS best used for?

Answer 72

web/mobile apps: high throughput, massive storage scalability, and high availability.
E-commerce Application: Low-cost database, Data security, Fully managed solution.
Mobile/online games: rapid grow capacity, automatic scaling, database monitoring.

Question 73

What is AWS lambda?

Answer 73

a compute service that lets you run code without per-visioning or managing service. Executed ur code only when needed and scales automatically to thousands of requests per sec.

Question 74

what are the key benefits to AWS lambda?

Answer 74

No servers to manage. Only pay when needed. Continuous scaling. Subsecond Metering

Question 75

What programming languages does AWS lambda support?

Answer 75

Nodejs
Javascript
C#
Python

Question 76

How can we use AWS Lambda?

Answer 76

For event driven computing.
respond to http request using amazon gateway.
Envoke API calls using AWS SDKs

Question 77

what are some use cases for AWS lambda?

Answer 77

automated backups.
processing objects uploaded to S3.
Event driven log analysis.
Event driven transformation.
IOT.
Operating serverless websites.

Question 78

What is Elastic Beanstalk

Answer 78

It is a platform as a service.
Allow quick deployment of your applications.
Reduce management complexity.
keep control in ur hands (choose instance type, choose database, set and adjust auto scaling).
supports a large range of platforms (packer builder, containers, go, java, .net, node.js, php, python, ruby)

Question 79

What is Cloudwatch?

Answer 79

monitors your AWS resources and the applications you run on AWS in real time

Question 80

What are some Cloudwatch features?

Answer 80

Collect and track metrics.
Collect and monitor log files.
Set alarms.
Automatically react to changes.

Question 81

What are use cases for Cloudwatch?

Answer 81

Respond to state changes in ur AWS resources.
Automatically invoke an AWS lambda function to update DNS entries when an event notifies that EC2 instance enters the Running state.
Direct specific API records from the cloudtrail to a kinesis stream for detailed analysis of potential security or availability risks.
Take a snapshot of an EBS volume on a schedule.
Log S3 Object Level Operations using Cloudwatch Events.

Question 82

What are some components of Cloudwatch?

Answer 82

Metrics,
Alarms,
Events,
Logs,
Dashboards

Question 83

What is Cloudfront?

Answer 83

Uses edge locations for content delivery. Can cache the content. CDN: contant delivery network

Question 84

What are some use cases for cloudfront?

Answer 84

Static Asset Caching.
Live and On-Demand Video Streaming.
Security and DDoS protection.
Dynamic and Customized Content.
API Acceleration.
Software Distribution.

Question 85

What is cloudformation?

Answer 85

simplifies the task of repeatedly and predictably creating groups of related resources that power your applications.
Fully-managed service.
Create, update, and delete resources in stacks

Question 86

What are 3 ways of interacting with AWS services

Answer 86

call APIs such as:
AWS Management Console.
AWS CLI.
AWS SDK/API

Question 87

What are Cloudformation Templates?

Answer 87

Resources to provision.
Text file.
JSON or YAML format.
Self-documenting environment

Question 88

What are Cloudformation Stacks?

Answer 88

Resources generated.
Unit of deployment.
Create stack.
Update stack.
Delete stack.

Question 89

What is the AWS well-architected framework there for?

Answer 89

Assess and improve architectures.
Understand how design decisions impact business.
Learn the five pillars and design principles.

Question 90

what are the 5 pillars in well-architected framework?

Answer 90

Security.
Reliability.
Performance efficiency.
Cost optimization.
Operational excellence.

Question 91

what are the design principles for Security?

Answer 91

Identity and access management (IAM).
Detective controls.
Infrastructure protection.
Data protection.
Incident response.

Implement security at all layers.
Enable tractability.
Apply principles of least privilege.
Focus on securing your system.
Automate.

Question 92

What are the design principles for Reliability?

Answer 92

Recover from issues/failures.
Apply best practices in: foundations, change management, failure management.
Anticipate, respond, and prevent failures.

Test recovery procedures.
Automatically recover.
Scale horizontally.
Stop guessing capacity.
Manage change in automation.

Question 93

What are the design principles for performance efficiency?

Answer 93

Select customizable solutions.
Review to continually innovate.
Monitor AWS services.
Consider the trade-offs.

Democratize advanced technologies.
Go global in minutes.
Use a serverless architectures.
Experiment more often.
Have mechanical sympathy.

Question 94

What are the design principles for cost optimization?

Answer 94

Use cost-effective resources.
Matching supply with demand.
Increase expenditure awareness.
Optimize over time.

Adopt a consumption model.
Measure overall efficiency.
Reduce spending on data center operations.
Analyze and attribute expenditure.
Use managed services.

Question 95

What are the design principles for operational excellence?

Answer 95

manage and automate changes.
Respond to events.
Define the standards.

Question 96

Define Fault Tolerance?

Answer 96

Ability of a system to remain operational.

Built-in redundancy of an application’s components.

Question 97

Define High Availability?

Answer 97

Systems are generally functioning and accessible.
Downtime is minimized.
Minimal human intervention is required.
Minimal up-front financial investment.

Question 98

List some high availability service tools.

Answer 98

Elastic load balancers.
Elastic IP addresses.
Amazon Route 53.
Auto Scaling.
Amazon CloudWatch

Question 99

What are Elastic IP addresses?

Answer 99

Are static IP addresses.
Mask failures.
Continues to access applications if an instance fails.

Question 100

What is Amazon Route 53?

Answer 100

Authoritative DNS service (translates domain names to IP addresses).
Supports (simple routing, latency-based routing, health checks, DNS failovers, Geo-location routing)

Question 101

What is auto scaling?

Answer 101

Terminates and launches instances.
Assists with adjusting or modifying capacity.
Creates new resources on demand.

Question 102

List some Fault Tolerant Service Tools.

Answer 102

Amazon Simple Queue Service.
Amazon Simple Storage Service (S3).
Amazon Relational Database Service (RDS).

Question 103

list some core AWS security features.

Answer 103

Identity and access management.
Amazon inspector.
AWS Shield.

Question 104

The aws stack is made up of 
User data,
Application,
Guest OS,
Hypervisor,
Network,
Physical.
What does AWS take care of and what does the user?

Answer 104

AWS: physical, network, hypervisor,

If u are running EC2 then u take care of the rest, guest OS, Application, User Data.

Question 105

What is a user in IAM pov.

IAM: Identity and Access Management

Answer 105

A permanent named operator.

Question 106

What is a Group in IAM pov.

Answer 106

A collection of users.

Question 107

What is a Role in IAM pov.

Answer 107

an authentication method.

a role is an operator (human or machine) the credentials are temporary.

Question 108

What is a policy document in IAM pov.

Answer 108

a JSON document that attaches to the user or to the group, or can be attached directly to a role.
policy doc list an api, what restrictions do we want to implement for that specific role, user, or group.

Question 109

what is Amazon Inspector?

Answer 109

Automated security assessment service that helps maintain the security and compliance of applications deployed on AWS.

Question 110

how can you access the Amazon Inspector?

Answer 110

Amazon inspector Console,
AWS software development kits (SDKs),
Amazon Inspector HTTPS API,
AWS command line tools

Question 111

What does Amazon Inspector enable you to do?

Answer 111

Quickly and easily access ur AWS resources,
Offload security assessments,
Gain deeper understanding of ur AWS resources.

Question 112

What is AWS shield?

Answer 112

is a managed Distributed Denial of Service (DDoS)

protection service that safegaurds applications running on AWS.

Question 113

how do ppl defend against DDoS application layer attacks?

Answer 113

use web application firewalls (wafs)

block attacks/requests before they reach the web server infrastructure.

Question 114

What is AWS shield standard?

Answer 114

Automatic protections available for all AWS customers, at no extra cost

Question 115

What is AWS Shield Advanced?

Answer 115

Paid service for higher levels of protection, features, and benefits.

Question 116

What are the features of AWS Shield Standard?

Answer 116

Automatic protection.
Quick detection.
Inline attack mitigation.
Self services (AWS support does not need to step in)

Question 117

What features does AWS Shield Advance have?

Answer 117

All the features of Shield Standard.
Specialized support.
Advanced attack mitigation.
Visibility and attack notification.
Always-on monitoring.
Enhanced detection.
DDoS cost protection.

Question 118

list the 3 components AWS complicance looks at.

Answer 118

Risk management.
Control Environment.
Information Security.

Question 119

What things does the customer (us) have to do for customer compliance?

Answer 119

Review trusted info and doc compliance req.
Design and implement control objectives that meet compliance req.
identify and document controls owned my outside parties.
Verify all control objectives are met and all key controls are designed and operating effectively

Question 120

What are the 3 fundamental cost you pay for in aws?

Answer 120

Compute Capacity
Storage
Outbound data transfer

Question 121

List the cost factors.

Answer 121

clock-hour billing: resources incur charges when running.
Database characteristics: Engine, size, memory class impacts cost.
DB purchase type.
Provisionded storage: no charge for backup storage of up to 100% of DB storage.
Additional storage: back up storage in addition to provisioned storage billed at GB/Month