Core Services - Detailed

Question 1

What is a VPC

Answer 1

VPC stands for Virtual Private Cloud. APC allows you to create a secure private network in the AWS cloud where you launch your resources

Question 2

What are the main components of a VPC?

Answer 2

NACL, Router, Route Table, Internet Gateway

Question 3

What is an NACL?

Answer 3

NETWORK ACL, Access control lists (ACLs) ensure the proper traffic is allowed into the subnet.

Question 4

What is a Router and a Route Table?

Answer 4

A Router and a Route Table define where network traffic is routed.

Question 5

What is an Internet Gateway?

Answer 5

An Internet Gateway allows public traffic to the internet from a VPC

Question 6

What is a VPC like?

Answer 6

A VPC is like a fence

Question 7

What does an internet gateway do?

Answer 7

It allows traffic to the public internet

Question 8

What does peering do?

Answer 8

It allows you to connect 2 VPCs together

Question 9

What is an AZ

Answer 9

An AZ stands for availability zone. AZs consist of one or more physically separated data centres, each with redundant power, networking and connectivity, housed in separate facilities

An AZ has one or more discrete data centers but the exact number in each is not disclosed by AWS

An AZ contains the servers you’re renting and it’s where you deploy your applications
An AZ is associated with a single region

Question 10

What is Route 53

Answer 10

Route 53 is a DNS service that routes users to applications. It performs health checks on AWS resources and supports a HYBRID MODEL

Question 11

What is Direct Connect

Answer 11

Direct Connect is a dedicated physical network connection from your on-premises data center to AWS. It supports a HYBRID MODEL

Question 12

What is site-to-site VPN

Answer 12

Site-to-site VPN creates a secute connection between your internal networks and your AWS VPCs. It supports a HYBRID MODEL.

Question 13

What is API Gateway

Answer 13

API Gateway allows you to build and manage APIs

Question 14

What is a virtual private gateway?

Answer 14

Virtual Private Gateway is the VPN connector on the AWS side

Question 15

What is a customer gateway?

Answer 15

Customer Gateway is the VPN connector on the client side

Question 16

Name the available AWS databases

Answer 16

RDS, Aurora, DynamoDB, DocumentDB, ElastiCache, Neptune

Question 17

Name the AWS Analytics Services

Answer 17

Redshit, Athena, AWS Glue, Kinesis, EMS, Data Pipeline, QuickSight

Question 19

What is Redshift

Answer 19

Redshift is an analytics service. Redshift is a scalable data warehouse solution

Question 20

What is Athena?

Answer 20

Athena is a query analytics service for Amazon S3

Question 21

What is AWS Glue?

Answer 21

AWS Glue prepares your data for analytics

Question 22

What is Kinesis?

Answer 22

Kinesis is an analytics service that allows you to analyze data and video streams in real time.

Question 23

What is EMR?

Answer 23

EMR (Elastic Map Reduce) allows you to process large amounts of data

Question 24

What is Data Pipeline?

Answer 24

Data pipeline is an analytics service that helps you move data between compute and storage services running either on AWS or on-premises.

Question 25

What is QuickSight?

Answer 25

QuickSight is an analytics service that helps you visualize data using dashboards

Question 26

What are the Machine Learning services in AWS?

Answer 26

Rekognition, Comprehend, Polly, SageMaker, Translate, Lex

Question 27

What is Rekognition

Answer 27

Rekognition is a machine learning service that allows you to automate your image and video analysis

Question 28

What is Comprehend?

Answer 28

Comprehend is a natural-language processing (NLP) service that finds relationships in text.

Question 29

What is Polly?

Answer 29

Polly turns text into speech

Question 30

What is SageMaker?

Answer 30

SageMaker is a machine learning service that helps you build, train and deploy machine learning models quickly.

Question 31

What is Translate?

Answer 31

Translate is a machine learning service that provides language translation

Question 32

What is Lex?

Answer 32

Lex is a machine learning service that helps you build conversational chatbots. Alexa uses Lex.

Question 33

Access control list (ACL)

Answer 33

A firewall/security layer on the subnet level

Question 34

Buckets

Answer 34

root-level “folders”

Question 35

Auto scaling

Answer 35

Automates the process of adding or removing EC2 instances based on traffic demand for your application

Question 36

CloudFront

Answer 36

Content delivery network (CDN) that allows you to store your content at “edge locations” located all around the world, allowing customers to access your content more quickly

Question 37

CloudTrail

Answer 37

Allows you to monitor all actions taken by IAM users

Question 38

CloudWatch

Answer 38

Service that allows you to monitor various elements of your AWS account

Question 39

Consolidated billing

Answer 39

Allows you to view, manage, and pay bills for multiple AWS accounts in one user interface

Question 40

DNS server

Answer 40

A database of website domains and their corresponding IP addresses

Question 41

DynamoDB

Answer 41

NoSQL database service that does not provide other NoSQL software options

Question 42

EBS

Answer 42

Elastic Block Store (EBS) - Provides persistent block storage volumes for use of EC2 instances.

Question 43

EC2

Answer 43

Elastic Compute Cloud (EC2): A virtual computer, very similar to a desktop/laptop computer

Question 44

ELB

Answer 44

Elastic Load Balancing (ELB): Evenly distributes traffic between EC2 instances that are associated with it

Question 45

ElastiCache

Answer 45

Data caching service used to help improve the speed/performance of web applications running on AWS

Question 46

Elasticity

Answer 46

The ability of a system to increase and decrease in size

Question 47

Fault tolerance

Answer 47

Property that enables a system to continue operating properly in the event of the failure of one or more components

Question 48

Firewall

Answer 48

A type of software that either allows or blocks certain kinds of internet traffic to pass through it

Question 49

Folder

Answer 49

Any “subfolder” created in a bucket

Question 51

High availability

Answer 51

Refers to systems that are durable and likely to operate continuously without failure for a long time

Question 52

IAM users

Answer 52

Individuals who have been granted access to an AWS account

Question 53

IAM

Answer 53

Identity and Access Management (IAM): Service where AWS user accounts and their access to various AWS services are managed

Question 54

Lambda

Answer 54

Lambda: Serverless computing that will replace EC2 instances, for the most part

Question 55

Object availability

Answer 55

Percent over a one-year time period that a file stored in S3 will be accessible

Question 56

Object durability

Answer 56

Percent over a one-year time period that a file stored in S3 will not be lost

Question 57

Object lifecycle

Answer 57

Set rules to automatically transfer objects between storage classes at defined time intervals

Question 58

Object sharing

Answer 58

Ability to make any object publicly available via a URL link

Question 59

Object versioning

Answer 59

Automatically keep multiple versions of an object (when enabled)

Question 60

Organizations

Answer 60

Allow you or your company access to manage billing and access to multiple AWS accounts in one user interface

Question 61

Principle of least privilege

Answer 61

Giving a user only the rights/access to the AWS services and resources they need to do their job and nothing more

Question 62

Publishers

Answer 62

Human/alarm/event that gives SNS the message that needs to be sent

Question 63

RDS

Answer 63

Relational Database Service (RDS): SQL database service that provides a wide range of SQL database options to select from

Question 64

RedShift

Answer 64

Data warehouse database service designed to handle petabytes of data for analysis

Question 65

Roles

Answer 65

How different AWS services are granted permission to communicate and share data

Question 66

Route 53

Answer 66

Where you configure and manage web domains for websites or applications you host on AWS

Question 67

Scalability

Answer 67

The ability of a system to easily increase in size and capacity in a cost-effective way

Question 68

Security group (SG)

Answer 68

Firewall/security layer on the server/instance level

Question 69

Shared responsibility model

Answer 69

Defines what you and AWS are responsible for when it comes to security and compliance

Question 70

SNS

Answer 70

Simple Notification Service (SNS): AWS service that allows you to automate the sending of email or text messaging notifications based on events that happen in your AWS account

Question 71

S3

Answer 71

Simple Storage Service (S3): Online bulk storage service you can access from almost any device

Question 72

Storage class

Answer 72

Represents “classification” assigned to each object in S3 (standard, RRS, S3-IA, Glacier)

Question 73

Subnet

Answer 73

A subsection of a network and generally includes all the computers in a specific location

Question 74

Subscriptions

Answer 74

Endpoints to which a topic sends messages

Question 75

Topics

Answer 75

How you label and group different endpoints to which you send messages

Question 76

Trusted Advisor

Answer 76

Service that “advises” and helps you optimize aspects of your AWS account

Question 77

User credentials

Answer 77

IAM user’s username and password for logging in to AWS

Question 78

VPC

Answer 78

Virtual Private Cloud (VPC): A private subsection of AWS you control and in which you can place AWS resources

Question 79

List the 6 advantages of cloud computing

Answer 79

1. Trade Capital Expense (CapEx) for variable expense
2. Benefit from massive economies of scale
3. Stop guessing capacity
4. Increase speed and agility
5. Stop spending money managing infrastructure and datacentres
6. Go global in minutes

Question 80

List the 4 benefits of cloud computing

Answer 80

Think HEAD
High Availability
Elasticity
Agility
Durability

Question 81

What is the difference between CapEx and OpEx

Answer 81

Capital expenditures are a company’s major, long-term expenses while operating expenses are a company’s day-to-day expenses. Examples of CapEx include physical assets, such as buildings, equipment, machinery, and vehicles. Examples of OpEx include employee salaries, rent, utilities, and property taxes.

Question 82

What are the 3 common cloud computing models

Answer 82

Iaas - e.g. ec2, or a company hosting your website
Saas - e.g. A complete product run by the service or software provider - e.g. Gmail, Sagemaker
PaaS - e.g. A service provided by cloud providers that lets you develop without having to install anything - Cloud9, or a service provider giving you the tools to build a storefront website

Question 83

What are the 3 cloud computing deployment types

Answer 83

Private Cloud - ON-premises!, exists in your internal datacentre, doesn;t offer cloud computing advantages
Public Cloud - AWS - Advantages of cloud computing, you don;t have to mange the underlying hardware
Hybrid Cloud - Secure onprem data - direct connect to AWS where the apps run, or the intermediate position a company may be in as they migrate to the cloud, go through a cloud conversion

Question 84

What’s a driving force for choosing a parcticular region?

Answer 84

You want to use a region close to your customers for the best performance

Question 85

How can you protect the root user in your account?

Answer 85

MFA

Question 86

What privileges does the root user have?

Answer 86

All. You can even delete the account

Question 87

What are three ways you can access AWS services?

Answer 87

Management console, CLI (programatic access), SDK

Question 88

Name the core compute services

Answer 88

EC2
AMI
Lambda
Auto Scaling
ELB
Fargate
LightSail
AWS Outposts
AWS Batch

Question 89

What is ec2 and what can it be used for

Answer 89

Elestic compute. Allows you to rent and manage virtual servers in the cloud
750 compute hrs p/m on free tier plan
Use preconfigured template AMI to launch instance

REal world: deploy a database or a web application on ec2

EC2 Pricing options :

Question 90

How can you access your ec2 instance?

Answer 90

Acess via AWS management console, secure shell (SSH), ec2 instance connect (EIC) using IAM to control SSH access so you don’t need SSH keys, AWS systems mnager

Question 91

What is an AMI and how is it used?

Answer 91

Amazon Machine Image - A preconfigured template that you can use to launch an instance

Question 92

What is AWS Lambda?

Answer 92

Lambda is a serverless compute sevice that lets you run code without managing servers
Serverless compute - Run code

Function, scales automatically, serverless

Question 93

How can you trigger lambda?

Answer 93

SNS, Direct URL - get more info

Question 94

What is the Lambda execution timeout?

Question 95

What is the Lambda pricing model?

Answer 95

What is the free-tier Lambda pricing policy?

Question 96

What is the free-tier Lambda pricing policy?

Question 97

What additional compute services are there?

Question 98

What is AWS Fargate?

Answer 98

AWS Fargate
Serverless compute engine for containers
Allows you to manage containets like DOCKER
SERVERLESS

Question 99

What is Amazon LightSail?

Answer 99

Amazon Lightsail
Allows you to quickly launch all the resources you need for small projects

Simple screens for people with no cloud experience
Includes a virtual machine, SSD based storage, data transfer, DNS management, and a static IP
Provides a LOW, PREDICTABLE, MONTHLY FEE, as lows as $3.50

Question 100

What type of applications can Lightsail deploy

Answer 100

Deploy preconfigured applications, like WORDPRESSS websites, at the click of a button

Question 101

What is lightsail similar too?

Answer 101

(Similar to AWS Quick Starts)

Question 102

What is AWS Outposts?

Answer 102

Outposts allows you to run cloud services in your internal datacentre

Supports workloads that need to REMAIN ON-PREMISES due to latency or data sovereignty needs
AWS DELIVERS and INSTALLS servers in your internal data center
Used for a HYBRID experience
Have access to the CLOUD SERVICES and APIs to develop apps on-premises

Question 103

What is AWS batch?

Answer 103

Batch allows you to process large workloads in smaller chunks (or batches)
Runs hundreds and thousands of smaller BATCH PROCESSING jobs
DYNAMICALLY provisions instances based on volume

Question 104

What are the S3 storage services?

Answer 104

8 Services :
https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html

S3 Standard
S3 Standard IA (Infrequent Access)
S3 Intelligent Tiering

S3 One Zone-IA (Infrequent Access)
S3 Express One Zone

S3 Glacier Instant Retrieval
S3 Glacier Flexible Retrieval
S3 Glacier Deep Archive

Question 105

What type of storage is S3?

Question 106

How much can you store on S3?

Question 107

How do you get data into S3?

Question 108

What types of access is allowed for data in S3?

Question 109

At what level can security be set in S3?

Question 110

What type of location does S3 use?

Question 111

How can you track access to your S3 buckets and objects?

Question 112

What type of protection does S3 have?

Question 113

What are the 2 different aspects of data accessibility?

Question 114

What is durability?

Question 115

What is Amazon S3 standard’s durability level?

Question 116

What is storage availability in S3?

Question 117

What is S3 standards availability level?

Question 118

What are the S3 storage classes?

Question 119

What are s3 storage class and their availability levels

Question 120

What are the s3 storage classes protection levels?

Question 121

When might you use each type of S3 storage class?

Question 122

What is S3 used for in the real world?

Question 123

What are the types of Ec2 scaling and what do they do?

Question 124

What are the benefits of autoscaling?

Question 125

what is the difference between autoscaling and load balancing?

Question 126

What types of load balances are there?

Question 127

What is a region?

Answer 127

A region is a physical location, a collection of AZs
You should setup resources in regions close to your users
Most resources are tied to a specific region

Question 128

What does AWS Lambda allow developers to do?

Answer 128

Lets developers concentrate on core business logic rather than worring about managing servers

Question 129

What is the default lambda timeout?

Answer 129

15 minutes

Question 130

What programming languages does lambda support

Answer 130

Java, Go, PowerShell, Node.js, C#, Python and Ruby

Question 131

Name the lambda features

Answer 131

Lambda features:
1. Supports popular programming languages liek Java, Go, PowerShell, Node.js, C#, Python and Ruby
2. You author code using your favourite development environment or via the console
3. Lambda can execute your code in response to events
4. Lambda functions have a 15 minute timeout

Question 132

What is the Lambda pricing model

Answer 132

Lambda Pricing model:
You are chanrged based on duration and number of requests
1. Compute Time
2. Request count
3. Always free - the free usgae tier includes 1 million free requests each month

Question 133

What is High Availability

Answer 133

Highly available systems are designed to operate continuously without failure for a long time. These systems avoid loss of service by reducing or managing failures.

Question 134

Elasticity

Answer 134

With elasticity, you don’t have to plan ahead of time how much capacity you need. You can provision only what you need, and then grow and shrink based on demand.

Question 135

What is Agility

Answer 135

The cloud gives you increased agility. All the services you have access to help you innovate faster, giving you speed to market.

Question 136

What is durability?

Answer 136

Durability is all about long-term data protection. This means your data will remain intact without corruption.

Question 137

What are the characteristics of an AZ

Answer 137

Physically separated
Connected through low-latency links
Fault tolerant
Allows for high availability

Question 138

What are the three main components of the AWS Global strategy?

Answer 138

Regions, AZs, Edge locations

Question 139

What are edge locations?

Answer 139

Edge locations - way more of them than there are Regions or AZs
They’re not used to run services like compute, instead they cache your web content
They’re like a mini-datacenter, but not used to launch services like EC2 instances, they’re used to CACHE your content which is made possible via CloudFront

Think EDGE/FRONTier -the edge in different places in a cowboy hat and outfit?

Edge locations reduce latency

An Edge Location is used to cache content for speedy delivery
Content delivery network (CDN) and Amazon CloudFront
Reduced latency
An edge location is like a mini datacenter but it doesn’t run your main infrastructure like EC2 instances

Question 140

What is wavelength zone in AWS?

Answer 140

Wavelength Zones are AWS infrastructure deployments that embed AWS compute and storage services within telecommunications providers’ data centers at the edge of the 5G network, so application traffic can reach application servers running in Wavelength Zones without leaving the mobile providers’ network.

Question 141

What is local zones in AWS?

Answer 141

AWS Local Zones are a type of AWS infrastructure deployment that place compute, storage, database, and other select services closer to large population, industry, and IT centers, enabling you to deliver applications that require single-digit millisecond latency to end-users.

Question 142

What are the different EC2 types?

Question 143

What is AWS Global Accelerator?

Question 144

What are the ec2 pricing options?

Answer 144

On-Demand
Spot
Reserved Instances
Dedicated Hosts
Savings Plans

Question 145

What are the differences between the ec2 pricing options?

Answer 145

On-Demand - Pay as you go, fixed price, billed
down to the second based on your instance type, no contract, pay for what you use, for unpredictable workloads.

Spot - 90% savings,cheapest option, let you take advantage
of unused EC2 capacity, request is fulfilled only
if the capacity is available, apps that can survive termination

Reserved Instances - commit to a specific instance type
in a certain region for 1 or 3 years, steady state usage, pay upfront, save up to 75% than on-demand,

Dedicated Hosts - for a physical server
that is fully dedicated to running your instances, use when you want to BYOL, regulatory/compliance requirements around tenancy, save yp to 70% off on-demand,

Savings plans - save up to 72%, savings shared across various computer services (ec2, lambda, fargate), commit to 1 or 3 years compute usage, can lower bill across multiple compute services,