CSOA-A Domain 1 - Monitoring, Logging, Remediation (20%)

Question 1

What are the two levels of metrics we can monitor for in CloudWatch?

Answer 1

• System Metrics
• Application Metrics

Question 2

What is Cloudwatch Unified Agent? How do you set it up?

Answer 2

• Something you install on your EC2 instance to collect system-level metrics
• You use the “config wizard” to set up your configuration file
• Then you run the agent and load that config file

Question 3

What are two categories of AWS CloudWatch metrics

Answer 3

• Default, built-in
• Custom, gathered by an agent

Question 4

Is EC2 Memory Utilization a Default or Custom Metric?

Answer 4

• It is a CUSTOM Metric
• You’d need to install an agent and report that to cloud watch

Question 5

What is CloudWatch Logs used for?

Answer 5

• Monitor store and access log files from a variety of sources
• Allows you to query logs for potential issues

Question 6

What is CloudWatch Logs Insights used for?

Answer 6

Allows you you to query your logs with a SQL like query

Question 7

Is cloudwatch Logs real time?

Answer 7

• No. for real-time, you;d need to look at AWS Kenisis

Question 8

What allows me to use SQL-like queries on logs?

Answer 8

Cloudwatch Logs Insights

Question 9

What is the default intervals for Standard Metrics? and Custom Metrics?

Answer 9

• Standard
  
  • 5 min
  • 1 min (Up-charge)
• Custom
  
  • 1 min
  • 1 Sec (Up-charge)

Question 10

What is AWS Config used for?

Answer 10

• Allows you to assess, audit, evaluate configurations of tour AWS resources.
• Used for enterprise compliance monitoring.

Question 11

1. What is a period?
2. What is the default period value?

Answer 11

• A period is the length of time associated with a specific Amazon CloudWatch statistic.
• 60 Seconds

Question 12

What is the new name for Amazon Cloudwatch Events, and what is it used for?

Answer 12

• Amazon Event Bridge
• EventBridge receives events indicating something changed in your AWS environment, then applies a rule to route that event to a target such as Lambda.

Question 13

What are some of the default metrics in an EC2 instance you can monitor with CloudWatch

Answer 13

CPU Utulization

Disk Reads/Writes

Network Packets In/Out

Question 14

What is the command to install the cloudwatch agent

Answer 14

sudo yum install amazon-cloudwatch-agent -y

Question 15

What does Cloud Trail track

Answer 15

it’s an audit log of activities in your instance

Question 16

How long are Cloud Trail Logs kept?

Answer 16

90 days (can be more)

Question 17

Are Cloud Trails Encrypted?

Answer 17

Yes

Question 18

What’s AWS Config for

Answer 18

Monitoring the configuration of AWS assets.

Question 19

What 3 things can AWS Config do?

Answer 19

1. Monitoring configuration against the desired state
2. Automatic remediation
3. Notifications