Deck 1 Flashcards
Which database service is designed for graphs (like social media)?
Neptune
What is the fastest way to set up streaming from S3 to Kinesis Data Streams?
AWS Data Migration Service can bridge S3 and KDS without adding any code.
What two services are needed for a heterogenous database migration (from Oracle to Aurora, for example)?
Database Migration Service (used for any migration) and Schema Conversion Tool (to convert from one database type to another).
What tool is used for analyzing API calls within an AWS account?
CloudTrail
What has cheaper data transfer pricing, AWS Direct Connect or sending over the internet?
Direct Connect
Fully managed petabyte-scale cloud based data warehouse product designed for large scale data set storage and analysis
Amazon Redshift
How does Redshift Spectrum save cost on compute intensive data tasks?
Spectrums lives on dedicated spectrum servers, so it doesn’t use your cluster for computation. It can also efficiently query and retrieve structured and semi structured data from S3 without loading it into your Redshift tables.
If you specify the targets of a Network Load Balancer with instance IDs, what is used to route traffic to the correct instance?
The primary private IP address specified in the primary network interface for the instance.
On an EC2 instance, do scripts entered as User Data have root user privileges for executing by default?
Yes. By default, scripts entered as user data are executed as root, so they don’t require the SUDO command.
On an EC2 instance, when are scripts entered as User Data run by default?
Only during the boot cycle.
What is the purpose of an Aurora Replica?
An Aurora Replica is a replica of the original Aurora database that only supports read operations, allowing you to offload these from the primary instance.
What is CloudFront?
CloudFront is a web service that distributes your content to edge locations. Then it routes requests to the nearest edge location, improving latency.
What is AWS Global Accelerator?
Global Accelerator allows you to create standard or custom accelerators.
A standard accelerator routes traffic to the optimal regional endpoint to increase availability of your app.
Custom accelerators let you map users to specific destinations.
What suffix is required in the name of an SQS FIFO queue?
*.fifo
How many messages per second can SQS FIFO queues support with and without batching?
3000 with, 300 without
What is AWS Certificate Manager?
A service that lets you provision, manage ,and deploy public and private SSL/TLS certificates for use with your AWS services and connected resources.
How can you use AWS Config to check for expiring SSL/TLS certificates?
Managed rules, which let you automatically evaluate whether your resources comply with best practices.
What is Transit Gateway?
It connects your VPCs and on-premises networks through a central hub, eliminating complex peering relationships.
What are the advantages of the AWS S3 sync bucket command?
Lists source and target buckets to identify objects that need to be copied, identified objects with a different “last modified” date in source and target, and only copies the current version of each object.
What is S3 Batch Replication?
Replication on demand (rather than live for new objects).
How can Global Accelerator be used for blue/green deployments?
With endpoints weights, which determine the proportion of traffic that is directed to endpoints within and endpoint group, and traffic dials, which control the percent of traffic directed to each endpoint group.
What supports security groups, NAT instance or NAT Gateway?
Instance
What supports port forwarding, NAT Instance or NAT Gateway?
Instance
Which can be used as a bastion server, NAT gateway or NAT instance?
Instance
What is a bastion server?
A special server instance designed to be the primary access point from the internet and acts as a proxy to other EC2 instances.
What do Lambda functions have access to by default?
Any public Internet address, including public AWS APIs.
What does VPC-Enabling a Lambda function do?
Gives it access to the private resources INSIDE that VPC.
What should you do if you plan to reuse code in more than one Lambda function?
Create a Lambda Layer, a ZIP archive of libraries, custom runtimes, and other dependencies. Your function will be able to draw on this for that reusable code.
What is Guard Duty?
A threat detection service that looks for malicious or unauthorized activity.
What data sources can be used by Guard Duty?
VPC Flow Logs, Domain Name System (DNS), and CloudTrail events
The AWS S3 sync bucket command will copy which version of an object?
Only the current version
What two services can be used for creating decoupled applications?
AWS SQS (Simple Queue Service) and AWS SWF (Simple Workflow Service)
What is SWF (Simple Workflow Service)?
A service for coordinating work across distributed application components.
What is the visibility timeout for SQS?
A period in which SQS prevents consuming components from receiving or processing a message.
What does SQS do with messages that have been in the queue longer than the maximum message retention period?
Delete!
Can you assign priority to some messages in SQS?
No
What kind of objects can S3 Batch Replication replicate?
It lets you replicate objects that existed before replication config was in place, objects that have been previously replicated, and objects that failed replication.
What is Lambda SnapStart?
With SnapStart, Lambda initializes functions as new versions are published, takes a firecracker microVM snapshot of memory and disk, encrypts the snapshot, and caches it for low latency access
What is the CloudFormation Instance Scheduler template?
This allows you to set start and stop times for your EC2 and RDS instances, matching your application’s operating hours.
Is DynamoDB compatible with mySQL?
No
Is Aurora compatible with MySQL?
Yes
How can you detect unusual spending patterns in your infrastructure?
AWS Cost Anomaly Detection on the AWS Billing and Cost Management console
What is AWS Control Tower?
Service for setting up and governing an AWS multi account environment.
What is DynamoDB Accelerator (DAX)?
DAX is an in-memory cache purpose-built for Dynamo to serve more balanced or read-heavy workloads.
What is Fargate?
A serverless computer engine for containers that works with ECS and EKS (elastic kubernetes)
Can ALBs route requests based on URL?
Yes!
Should a bastion host be deployed in a public or private subnet?
Public
