CloudFront CDN Lab

Question 1

Can you have multiple origins per distribution?

Answer 1

Yes

Question 2

Create a web distribution if you want to:

Answer 2

Speed up distribution of static and dynamic content, for example, .html, .css, .php, and graphics files.
Distribute media files using HTTP or HTTPS.
Add, update, or delete objects, and submit data from web forms.
Use live streaming to stream an event in real time.

Question 3

Create an RTMP distribution…

Answer 3

…to speed up distribution of your streaming media files using Adobe Flash Media Server’s RTMP protocol

Question 4

For web distributions, what can be the origin of your files?

Answer 4

either an Amazon S3 bucket or a web server

Question 5

After you create the web distribution, can you add more origins?

Answer 5

Yes

Question 6

With an RTMP distribution, can you play a media file before the file has finished downloading from a CloudFront edge location?

Answer 6

Yes

Question 7

For RTMP distributions, what can be the origin of your files?

Answer 7

an Amazon S3 bucket

Question 8

To use CloudFront live streaming…

Answer 8

…create a web distribution

Question 9

Origin Domain Name

Answer 9

name of the bucket or webserver

Question 10

Can you have on-premise origins?

Answer 10

Yes

Question 11

Origin Path

Answer 11

way of adding multiple subfolders in the origin (pictures, videos, etc)

Question 12

Origin ID

Answer 12

name of the origion

Question 13

Restrict Bucket Access

Answer 13

Yes or No, example: stop people from using s3 bucket url so that they use CloudFront instead

Question 14

If you decide to restrict bucket access…

Answer 14

…you need to create an Origin Access Identity (OAI)

Question 15

What is an Origin Access Identity?

Answer 15

a user. can add permissions to that user

Question 16

If you do not update the bucket policy to Grant Read Permissions…

Answer 16

…you will have to manually update the permissions yourself

Question 17

Path Pattern

Answer 17

allows us to set different origin servers

Question 18

Which HTTP methods are cached by default?

Answer 18

GET, HEAD

Question 19

If you have objects that constantly need to change (e.g. every 12 hours)…

Answer 19

…decrease the TTL

Question 20

What is meant by Restrict Viewer Access?

Answer 20

Viewers have to use signed URLs or signed cookies

Question 21

Restrict Viewer Access use case

Answer 21

If you have content you want to restrict to a certain audience, e.g. A Cloud Guru, it checks to make sure users have signed URLs or cookies (ie if users paid)

Question 22

Signed URLs/cookies are…

Answer 22

…private

Question 23

How are you going to secure CloudFront or secure objects in S3 to make sure only paying customers use it?

Answer 23

Always use signed URLs or signed cookies

Question 24

AWS WAF Web ACL

Answer 24

…Layer 7 protection, so WAF operates at the application layer. Protects against SQL injection, cross-site scripting

Question 25

Default CloudFront Certificate (*.cloudfront.net)

Answer 25

Choose this option if you want your users to use HTTPS or HTTP to access your content with the CloudFront domain name (such as https://d111111abcdef8.cloudfront.net/logo.jpg).

Question 26

Custom SSL Certificate (example.com)

Answer 26

Choose this option if you want your users to access your content by using an alternate domain name, such as https://www.example.com/logo.jpg.

Question 27

If you need to prevent users in selected countries from accessing your content…

Answer 27

…you can specify either a whitelist (countries where they can access your content) or a blacklist (countries where they cannot)

Question 28

Can you have both a whitelist and a blacklist simultaneously?

Answer 28

No

Question 29

Invalidating objects…

Answer 29

… removes them from CloudFront edge caches. there is a charge

Question 30

T/F: You can use CloudFront to download and upload files.

Answer 30

True