CPC Prep Flashcards
What are the AWS Cloud Compute Services?
Elastic Cloud Compute (EC2)
Lambda
Elastic Container Service (ECS)
Lightsail
Which AWS Compute service do you manage the operating system? This service scales vertically with Autoscaling and is used for traditional applications and long running tasks?
EC2
Which compute service enables you to manage the container instance and the containers? This service enables you to manually add container instances or use ECS services & EC2 Autoscaling. It is used for microservices and batch use cases where you need to maintain management.
ECS (EC2 Launch Type)
Which compute service enables you to manage the containers? AWS scales the cluster automatically and is used for microservices and batch use cases.
EC2 (Fargate Launch Type)
Which AWS compute service enables you to manage the code? The service is serverless and automatically scales concurrent executions. It is used for ETL, infrastructure, automation, data validation, and mobile backends.
Lambda
Which compute choice operates with EC2? The consumer manages functions, application, runtime, and guest OS. AWS manages the Hypervisor and physical hardware.
Infrastructure as a System (IaaS)
Which compute choice operates with ECS? The consumer manages functions, applications, and runtime. AWS manages container engine, guest OS & physical hardware.
Container as a Service (CaaS)
Which compute choice operate with Lambda? The consumer manages the functions. AWS manages application, runtime, container engine, guest OS & physical hardware.
Function as a System (FaaS)
Which AWS service is great for users who do not have a deep AWS technical expertise and makes it easy to provision compute services?
Amazon LightSail
Which service includes everything you need to launch projects quickly? It provides preconfigured virtual private servers that include everything required to deploy applications or create a database.
Lightsail
Which service allows you to deploy a private server without a lot of technical expertise?
Lightsail
Which service provides serverless computing technology that allows you to run code without provisioning or managing servers?
Lambda
Which compute service executes code only when needed and scales automatically? You pay only for the compute time you consume.
Lambda
Which AWS service has the following benefits:
No servers to manage
Continuous scaling
Sub second metering
Integrates with almost all other AWS services
Lambda
Which AWS service has the following use cases:
Data processing
real-time file processing
real-time stream processing
Build serverless backends for web, mobile, IOT, and 3rd party applications
Lambda
Which AWS compute service provides a highly-scalable, high performance container management service that supports Docker containers?
Elastic Container Storage (ECS)
Which service is launched with ECS that enables you to provision instances and provides you granular control over infrastructure?
EC2
What service is launched with ECS where the control plane asks for resources and is automatically provisioned? This system provides you limited control and the infrastructure is automated.
Amazon Fargate
What data type is supplied by the user at instance launch?
User data
What data type provides data about your instance that you can configure or manage the running instance?
Metadata
Which AMI category is free of charge and generally allows you to select the operating system you want?
Community AMIs
Which AMI category do you pay to use and generally comes packaged with additional licensed software?
AWS Marketplace AMI
Which AMI category do you create yourself?
My AMIs
What service provides the information required to launch an instance?
Amazon Machine Image (AMI)
Which service provides a template for the root volume of the instance containing one or more EBS snapshots or instance-store-backed AMIs?
AMIs
What is an EC2 instance made up of?
Amazon Machine Image (AMI) + Instance type
Which web service in the AWS Compute suite of products provides secure, resizable compute capacity in the cloud?
EC2
Which EC2 attribute enables you to increase or decrease capacity within minutes and commission one to thousands of instances simultaneously?
Elastic Web-scale computing
Which EC2 attribute enables you to have complete control root access to each instance and can stop and start instances without losing data and using web service APIs?
Completely Controlled
Which EC2 attribute allows you to choose multiple instance types, operating systems, and software packages as well as instances with varying memory, CPU, and storage configurations?
Flexible Cloud Hosting Services
Which web service enables you to request temporary, limited privilege credentials for IAM users or for users that you authenticate?
AWS Security Token Service (STS)
What makes up Multi-Factor Authentication?
- User name and password
2. Virtual or physical Authenticator
What are the two IAM Authentication Methods?
- Access Key
2. User & Password
Which IAM authentication method is made up of an access key ID and a secret access key?
Access Key
When is the secret access key returned?
Only at the time of creation
How can IAM users be given access to change their own access keys?
Through IAM policy
Which IAM authentication method is used to access AWS Management Console?
IAM User and Password
Which IAM method enables you to define the permissions that can be applied to users, groups, and/or roles?
IAM Policies
Which IAM principle does the following:
- all permissions are implicitly denied by default
- the most restrictive policy is applied
- is written in JSON
- Uses a simulator to help you understand, test, and validate its effects
IAM Policy
Which IAM service is created and then “assumed” by trusted entities and define a set of permissions for making AWS service requests?
IAM Role
Which IAM category has the following attributes:
- Delegate permissions to resources for users and services without using permanent credentials
- Has no credentials associated with it
- Users or services can assume it to obtain temporary security credentials that can be used to make AWS API calls
IAM Role
Which IAM item is a collection of users and have policies attached to them?
IAM Groups
Which IAM item has the following characteristics:
- Not an identity and cannot be identified as a principal in an IAM policy
- Is used to assign permissions to users
- Uses the principal of least privilege when assigning permissions
- Cannot be nested within other ones
IAM Group
Which IAM entity represents a person or service?
IAM User
Which credentials consist of the email address used to create the account and password?
Root User
What are the 4 best practices for the root account?
- Don’t use the root user credentials
- Don’t share the root user credentials
- Create an IAM user and assign administrative permissions as required
- Enable Multi-factor Authentication (MFA)
Which accounts consist of a friendly name and an Amazon Resource Name (ARN) which uniquely identifies the user across AWS?
IAM User
What kind of policy can be defined for enforcing password length, complexity, etc and applies to all users?
Password
What two access methods can IAM Users be assigned?
- Access key ID and secret access key for programmatic access
- Password for access to the AWS Management Console
What describes the prohibited uses of AWS?
AWS Acceptable Use Policy
What are the three fundamentals of AWS pricing?
Compute, Storage, Outbound data transfer
Which pricing method is highly flexible with no long-term commitments or upfront payments? This method is used for compute and database capacity
On-Demand
Which pricing method is available for EC2 where hardware is dedicated to a single customer?
Dedicated Instances
Which pricing method allows you to purchase spare capacity with no commitments and great discounts at hourly rates? The drawback is AWS can pull the service if a higher paying customer needs it.
Spot Instances
Which payment method has an up to 75% discount and requires a 1 to 3 year term?
Reservations
What are the three Reservation payment options?
- No upfront
- Partial Upfront
- All Upfront
What three entities make up the AWS Global Infrastructure?
- Regions
- Availability Zones
- Edge Locations
Which AWS Global Infrastructure entity is a geographical area with 2 or more Availability Zones, isolated from others?
Regions
Which AWS Global Infrastructure entity consists of one or more data centers that are physically separated and isolated?
Availability Zones
Which AWS Global Infrastructure has direct, low-latency, high throughput and redundant network connections between each other?
Availability Zones
Which AWS Global Infrastructure is designed as an independent fault zone?
Availability Zones
Which AWS Global Infrastructure entity is a location with cache content that can be delivered at low latency to users and is used by CloudFront?
Edge Locations
What are the 6 benefits of Cloud Computing
- Trade capital expense for variable expense
- Benefit from massive economies of scale
- Stop guessing about capacity
- Increase speed and agility
- Stop spending money running and maintaining data centers
- Go global in minutes
Which cloud computing model is fully managed by you?
On-premises (private cloud)
Which Cloud Computing Model is the hypervisor and physical hardware managed by the service provider and the customer is responsible for the application, data, runtime, and guest operating system?
Infrastructure as a System (IaaS)
Which Cloud Computing Model is the hypervisor, physical hardware, guest operating system, & runtime managed by the service provider and the customer is responsible for the application and data?
Platform as a System (PaaS)
Which Cloud Computing Model is the hypervisor, physical hardware, guest operating system, runtime, data, and application managed by the service provider?
Software as a System (SaaS)
Which Cloud Computing Deployment Model does an enterprise deploy their own infrastructure and applications into their own data center?
Private Cloud
Which Cloud Computing Deployment Model does an IT service that you consume are hosted and delivered from a third-party and accessed over the Internet?
Public Cloud
Which Cloud Computing Deployment Model provides benefits include complete control over the entire stack and high-security?
Private Cloud
Which Cloud Computing Deployment Model benefits include variable expense, economies of scale, & massive elasticity?
Public Cloud
Which Cloud Computing Deployment Model is a combination of on-premises, private cloud and public cloud services?
Hybrid Cloud
Which Cloud Computing Deployment Model includes the following benefits:
- allows companies to keep the critical application & sensitive data in a traditional data center or private cloud
- Takes advantages of public cloud resources like SaaS and IaaS
- Facilitates portability of data, apps and services and more choices for deployment models
Hybrid Cloud
What are the 3 types of general storage types?
- Object Storage
- Block Storage
- File Storage
Which type of storage has virtually unlimited scalability and allows the retention of massive amounts of unstructured data? This storage class is accessed use it a REST API and includes the data itself, metadata, and globally unique identifier.
Object Storage
