Cloud Practitioner

Question 1

What are the 5 EC2 instance family types?

Answer 1

General Purpose
Compute Optimized
Memory Optimized
Accelerated Computing
Storage Optimized

Question 2

What is a General Purpose instance and what is it good for?

Answer 2

Balance of compute, memory and networking
Application servers
Gaming servers
Backend servers for enterprise applications
Small-medium databases

Question 3

What is a Compute Optimized instance and what is it good for?

Answer 3

High-performance processors for compute heavy work
Application servers
Gaming servers
Backend servers
Batch-processing
But when they require a lot more compute

Question 4

What is a Memory Optimized instance and what is it good?

Answer 4

Processing large datasets in memory
Compute tasks that require a lot of data to be held in memory
Real-time processing of lots of unstructured datasets

Question 5

What is an Accelerated Computing instance and what is it good for?

Answer 5

Make use of hardware accelerators or coprocessors to perform compute more efficiently
Floating-point number calculations
Graphic processing (game streaming)
Data pattern matching

Question 6

What is a Storage Optimized instance and what is it good for?

Answer 6

Instance designed for tasks that need a high volume of read/write tasks
Any instance that has a high IOPS (input/output per second requirement)

Question 7

What are the five EC2 billing options and what do they offer?

Answer 7

On-Demand - per-hour or per-second, but the most expensive
Savings Plan - Lower costs but with a minimum use requirement
Reserved Instances - Used for steady-state workloads
Spot Instances - Cheap, spare capacity instances that can be taken away with 2 minutes notice
Dedicated Hosts - dedicated to you, no one else can use them (policy reasons)

Question 8

What is the maximum savings from the EC2 Savings Plan?

Answer 8

72%

Question 9

What is the maximum savings from the EC2 Spot Instances?

Answer 9

90%

Question 10

What are the three types of Reserved Instances and their available contract times?

Answer 10

Standard Reserved - 1 or 3 years
Scheduled Reserved - 1 year
Convertible Reserved - 1 or 3 years

Question 11

What AWS service would you use for automatic compute scaling and which direction does it scale?

Answer 11

Amazon EC2 Auto Scaling

Horizontally

Question 12

What are the two types of scaling?

Answer 12

Dynamic scaling - responds to changing demand

Predictive scaling - automatically scheduled instances based on predicted demand

Question 13

What are the three configurations of EC2 Auto Scaling?

Answer 13

Minimum capacity - the smallest number of running instances
Desired capacity - Ideal number of instances
Maximum capacity - Maximum number of running instances

Question 14

What is a Load Balancer?

Answer 14

Responsible for distributing requests across back-end instances

Question 15

What is Amazon Elastic Load Balancer?

Answer 15

Works with Auto Scaling to distribute work-loads to maximize compute resource.

Question 16

What is the difference between a monolithic application and microservices?

Answer 16

Monolithic are tightly coupled, where if one component fails then they all will.

Conversely, a microservice is loosely coupled so one component failure does not impact the others

Question 17

What is Amazon Simple Notification Service (SNS)?

Answer 17

A publish/subscribe service, i.e. publishes messages to subscribes. These could be web services, e-mail addresses, Lambda functions etc..

Question 18

What is Amazon Simple Queue Service (SQS) and what is it’s benefit?

Answer 18

Used to send, store and receive messages between components. This means services are not reliant on others to be open to receive a message.

Question 19

What does “serverless” mean? What is the benefit?

Answer 19

When your code is running on a server but you do not manage/have access to them.

Main benefit is automatic scaling.

Question 20

What is AWS Lambda and what is the recommended maximum compute time?

Answer 20

A serverless service, upload code, set a trigger and you are only charged for the compute time taken.

Recommended for code that takes <15 minutes to run

Question 21

What is a container?

Answer 21

A way to package your code and environment

Question 22

What is Amazon Elastic Container Service (ECS)?

Answer 22

A container management service used to host Docker images

Question 23

What is Amazon Kubernetes Service (EKS)?

Answer 23

A container management service used to host Kurbenetes containers

Question 24

What is Fargate and what are the three benefits?

Answer 24

A serverless compute engine for containers that works with ECS and EKS

No time spent managing infrastructure
Flexible
Secure by isolation

Question 25

What four considerations need to be made when choosing a region?

Answer 25

Compliance Customer Proximity Available services Pricing

Question 26

What is the difference between an Availability Zone and a Region?

Answer 26

An Availability Zone is a single or group of data centres within a region

Question 27

What is an Edge Location?

Answer 27

A site used by Amazon CloudFront to store cached copies of content, to improve the speed to reach further away customers

Question 28

What are the four ways of interacting with AWS services?

Answer 28

Management Console Command Line Interface (CLI) Software Development Kits (SDK) Amazon manage tools like Elastic Beanstalk or CloudFormation

Question 29

What is Elastic Beanstalk and what are the 4 main tasks?

Answer 29

Provides configuration settings to manage resources Adjust capacity Load balancing Automatic scaling Health monitoring

Question 30

What is AWS CloudFormation and what are the two main benefits?

Answer 30

Manages infrastructure as code through a CloudFormation template Fully automated Minimum risk of human error

Question 31

What is AWS CloudFront?

Answer 31

A global content delivery service, i.e. a network of edge locations

Question 32

What is AWS Outpost?

Answer 32

Extending the AWS infrastructure & services to on premise data centers

Question 33

What is the difference between a public and private subnet?

Answer 33

Public subnets can interact publicly, i.e. over the internet - private subnets can't.

Question 34

What is a Virtual Private Cloud (VPC)?

Answer 34

Allows you to isolate sections of the AWS Cloud in a defined virtual network

Question 35

What is an Internet Gateway?

Answer 35

A way to connect the public internet to a VPC

Question 36

What is a Virtual Private Gateway?

Answer 36

A way to restrict internet access to your VPC (like a VPN)

Question 37

What is AWS Direct Connect?

Answer 37

A dedicated, isolated and private connection between your data centre and a VPC

Question 38

What is a Network Access Control List (Network ACL)?

Answer 38

Checks packets from the internet have the correct permissions to leave/exit the subnet.

Question 39

What is a Security Group?

Answer 39

Rules applied to a collection of EC2s

Question 40

Is Network ACL Stateful or Stateless and what is the difference? How about Security Groups?

Answer 40

Stateless, always checks the packet regardless of circumstance Security Groups are Stateful, remembers who to let in

Question 41

What is the default rule for a network ACL?

Answer 41

Allow all inbound and outbound traffic

Question 42

What is the default for a Security Group?

Answer 42

Deny all inbound traffic, allow all outbound traffic

Question 43

What is the default for a Security Group?

Answer 43

Deny all inbound traffic, allow all outbound traffic

Question 44

What is Amazon Route 53?

Answer 44

A DNS webservice, routes users to internet applications hosted in AWS

Question 45

What is DNS and what's it's purpose?

Answer 45

Domain Name System, translates public site address to an IP address

Question 46

What is an instance store?

Answer 46

Block-level storage attached to the EC2 instance, all data is lost once the instance is terminated

Question 47

What is Amazon EBS?

Answer 47

Amazon Block Storage Block storage you can attach to an EC2 instance, but persists if the instance is shutdown

Question 48

How do you back-up an Amazon EBS volume?

Answer 48

Snapshots

Question 49

What three things does every storage object have?

Answer 49

Data, metadata & key (unique identifier)

Question 50

What is Amazon S3 and what is the maximum file size?

Answer 50

Simple Storage Service | 5TB

Question 51

What are the 6 types of S3 storage?

Answer 51

``` Standard Standard-Infrequent Access One Zone-Infrequent Access Intelligent-Tiering Glacier Glacier Deep Archive ```

Question 52

How many Availability Zones is S3 Standard data stored in?

Answer 52

A minimum of 3

Question 53

What is S3 Standard used for?

Answer 53

High availability objects that are frequently accessed

Question 54

What is S3 Standard-Infrequent Access?

Answer 54

Ideal for storing infrequently accessed data, similar to Standard except cheaper storage and more expensive retrieval price

Question 55

What is S3 One Zone-Infrequent Access?

Answer 55

Ideal for storing infrequently accessed data, similar to Standard except cheaper storage and more expensive retrieval price Data is also only stored in one Availability Zone, again making it cheaper but less reliable Good for when data is easily replicated

Question 56

What is S3 Intelligent-Tiering?

Answer 56

Automatically moves the data from S3 Standard to S3 Standard-Infrequent Access Good for data where retrieval frequency will change Comes with a monitoring & automation fee per object

Question 57

What is S3 Glacier?

Answer 57

Low-cost storage, designed for long term archiving

Question 58

What is S3 Glacier Deep Archive?

Answer 58

Lowest-cost storage but slower (within 12 hours) and more expensive retrieval

Question 59

What is Amazon EFS and what are its 4 main benefits?

Answer 59

Elastic File System Automatically scales Can be shared by EC2 instances Can be used by any Availability Zone in the Region Can be connected to directly through Direct Connect

Question 60

What is Amazon RDS and what's its main benefit?

Answer 60

Amazon Relational Database Service Automates relational database tasks such as hardware provisioning, database set-up, patching & backups

Question 61

What is Amazon Aurora, what are its benefits?

Answer 61

Enterprise-class relational database, good for high availability workloads Fast (3x MySQL, 5x PostgreSQL) Cheaper (1/10th) Reliable (6 copies across 3 AZs)

Question 62

What is Amazon DynamoDB & what are the benefits?

Answer 62

A non-relational, NoSQL database Performance (single-digit millisecond) Scalability Serverless (do not need to provision, patch or manage servers)

Question 63

When do you pick DynamoDB over RDS?

Answer 63

When you don't require table joins

Question 64

What is Amazon Redshift and when would you need it?

Answer 64

A data warehousing service Big data analytics that uses historic data

Question 65

What is Amazon DMS and what is it primarily used for and what are three other use cases?

Answer 65

Database Migration Service Service to migrate databases/datastores from source to target (i.e. on-prem to cloud) Development & test DB migration DB consolidation Continuous replication

Question 66

What are the 6 additional (and niche) DB services offered and what do they do?

Answer 66

DocumentDB - Supports MongoDB, a document DB program Neptune - Graph database service Quantum Ledger Database - Immutable ledger DB Managed Blockchain - create and manage blockchain networks ElastiCache - adds caching layer on frequent requests for faster access DynamoDB Accelerator (DAX) - in-memory cache for DynamoDB for microsecond response time

Question 67

What is the shared responsibility model?

Answer 67

AWS are responsible for protecting the global infrastructure of the Cloud, the customer is responsible for everything they put in it

Question 68

What is AWS IAM?

Answer 68

Identity and Access Management How you manage access to AWS services & resources

Question 69

What is the AWS root user?

Answer 69

The owner of the account, has all permissions

Question 70

What is an IAM user?

Answer 70

An identity created by the root user which can be assigned various permissions

Question 71

What are IAM policies?

Answer 71

A document that defines the permissions to certain services and resources

Question 72

What are IAM groups?

Answer 72

A set of IAM users, which can all be set the same policies

Question 73

What are IAM roles?

Answer 73

A specific role that has specific permissions which can be assumed temporarily by a user

Question 74

What are AWS Organizations?

Answer 74

A service to manage multiple AWS accounts which can be controlled through SCPs

Question 75

What is an SCP?

Answer 75

Service Control Policy, enables you to place restrictions on services, resources & API actions that users and roles within each Organization account can use

Question 76

What are Organizational Units?

Answer 76

Group AWS accounts into OUs to apply policies/SCPs to all accounts.

Question 77

What is AWS Artifact?

Answer 77

A service that provides on-demand access to security and compliance reports

Question 78

What is Customer Compliance Center?

Answer 78

Knowledge hub for AWS compliance

Question 79

What is AWS Shield?

Answer 79

A service to protect applications from DDoS attacks

Question 80

What is AWS Shield Standard?

Answer 80

An automatic and free service that protects against common DDoS attacks

Question 81

What is AWS Shield Advanced?

Answer 81

Paid for service that protects against sophisticated attacks and provide attack diagnostics

Question 82

What is AWS WAF?

Answer 82

Web Application Firewall: monitors network requests and controls access using the web access control list (ACL)

Question 83

What is Amazon Inspector?

Answer 83

Runs automated security assessments to see what improvements could be made

Question 84

What is Amazon GuardDuty?

Answer 84

Intelligent threat detector that continuously monitors network activity

Question 85

What is Amazon CloudWatch?

Answer 85

Service to monitor and manage metrics and configure alarms

Question 86

What is a CloudWatch alarm?

Answer 86

An alarm that is triggered if a metric goes above/beyond a certain amount for a certain amount of time

Question 87

What is AWS CloudTrail?

Answer 87

An auditing tool to review traffic

Question 88

What is CloudTrail Insights?

Answer 88

A feature that can be enabled within CloudTrail to automatically detect unsual API activity

Question 89

What is AWS Trusted Advisor?

Answer 89

Service that automatically inspects AWS environment and provides real-time recommendations

Question 90

What are the AWS Trusted Advisor 5 pillars?

Answer 90

``` Cost Performance Security Fault Tolerance Service Limits ```

Question 91

How many requests can you make to AWS Lambda for free?

Answer 91

Up to 1 million requests & 3.2 million seconds of compute

Question 92

How can you save on AWS Lambda?

Answer 92

Compute Savings Plan of 1 or 3 years, requires a minimum compute cost

Question 93

What are the four AWS Support plans?

Answer 93

Basic Developer Business Enterprise

Question 94

What is included in the Developer Support plan?

Answer 94

Free plan + Best practice guidance Client-side diagnostic tools Building-block architecture support

Question 95

What is included in the Business Support plan?

Answer 95

Dev plan + Use-case guidance All AWS Trusted Advisor checks Some support for third-party software (i.e. operating systems)

Question 96

What is included in the Enterprise Support plan?

Answer 96

Bus plan + Application architecture guidance Infrastructure event management Technical Account Manager (TAM)

Question 97

What is AWS Marketplace?

Answer 97

Amazon digital catalogue to find, test & buy software

Question 98

What is the AWS Cloud Adoption Framework?

Answer 98

A set of guidance to help with migration to the cloud

Question 99

What are the 6 perspectives of the AWS Cloud Adoption Framework?

Answer 99

``` Business (managers/stakeholders) People (HR/staffing) Governance (Risk/Performance) Platform (IT) Security Operations (IT support) ```

Question 100

What are the 6 strategies of migration?

Answer 100

``` Rehosting Replatforming Retire Retain Repurchasing Refactoring ```

Question 101

What is the AWS Snow Family?

Answer 101

Physical devices used to transport large volumes of data

Question 102

What are the four devices in the Snow Family and what are their maximum storage amounts?

Answer 102

Snowcone - small device that can contain up to 8TB of data Snowball (Storage) - larger device with 80TB of disk space Snowball (Compute) - 42TB of storage and 52 vCPUs with 208GB of memory Snowmobile - Shipping container that can contain up to 100 petabytes of data

Question 103

What are the five pillars of a Well-Architected Framework?

Answer 103

``` Operational Excellence Security Reliability Performance efficiency Cost optimization ```

Question 104

What is the Well-Architected Tool?

Answer 104

A tool to analyse your AWS infrastructure against the five "well-architected" pillars