Domain 4

Question 1

True or False - Ephemeral storage is lowest cost and is temporary

Answer 1

True

Question 2

True or False - EBS provides snapshot functionality

Answer 2

True

Question 3

What is an EBS snapshot?

Answer 3

Amazon Elastic Block Store (EBS) snapshots are point-in-time copies of your Amazon EBS volumes. Snapshots are incremental, meaning that only the data that has changed since your last snapshot is saved,

Question 4

What is AWS Trusted Advisor?

Answer 4

AWS Trusted Advisor is a service that provides real-time guidance to help you optimize your AWS environment according to best practices. It analyzes your AWS resources to help you reduce costs, improve performance, enhance security, and increase fault tolerance.

Question 5

How can CloudWatch help with Cost Savings?

Answer 5

1. Metrics to help better understand over or under utilization
2. Alarms - Cost alarms
3. Auto scaling - Increase or decrease the number of instances based on demand
4. Automation - Trigger AWS lambda functions based on CloudWatch events to automate actions like shutting down unused instances during off-hours

Question 6

What does WAF protect against?

Answer 6

1. SQL Injection
2. Bots
3. DDoS mitigation

Note - Pay only for what you use

Question 7

Cost Explorer

Answer 7

SEE patterns in AWS spending over time, project future costs, identify areas that need further inquiry, observe Reserved Instance utilization, observe Reserved Instance coverage, and receive Reserved Instance recommendations.

Question 8

What is AWS Budgets

Answer 8

Set custom budgets that trigger alerts when cost or usage exceed (or are forecasted to exceed) a budgeted amount. Budgets can be set based on tags and accounts as well as resource types.

Question 9

What is CloudWatch

Answer 9

Collect and track metrics, monitor log files, set alarms, and automatically react to changes in AWS resources.

Question 10

Cloud Trail

Answer 10

Log, continuously monitor, and retain account activity related to actions across AWS infrastructure at low cost.

Question 11

S3 Analytics

Answer 11

Automated analysis and visualization of Amazon S3 storage patterns to help you decide when to shift data to a different storage class.

Question 12

Cost and Usage Report

Answer 12

Granular raw data files detailing your hourly AWS usage across accounts used for Do-It-Yourself (DIY) analysis (e.g., determining which Amazon S3 bucket is driving data transfer spend). The AWS Cost and Usage Report has dynamic columns that populate depending on the services you use.

Question 13

Cost allocation tags

Answer 13

Cost allocation tags are labels that you assign to your AWS resources to organize and manage cost reporting. They allow you to categorize and track your AWS costs by defining how costs are allocated across different areas of your business

Question 14

What is AWS Systems Manager

Answer 14

AWS Systems Manager is a service that helps you manage and automate operational tasks across your AWS resources.

Question 15

What is AWS Backup

Answer 15

AWS Backup is designed to provide a simple and scalable solution for backing up data across AWS services, enabling you to protect critical workloads and ensure business continuity with minimal manual intervention.

Question 16

What is AWS Snowmobile?

Answer 16

AWS Snowmobile is a service designed to transfer extremely large amounts of data to AWS. It is essentially an exabyte-scale data transfer service used when you need to move large volumes of data—up to 100 petabytes per Snowmobile—directly to AWS. Here’s a closer look at AWS Snowmobile and its key features:

Question 17

What is the Snow family?

Answer 17

Snowcone - 8 terabytes of storage. Ideal for edge computing, storage, and data transfer in remote or rugged environments with limited space or connectivity.

Snowball - Snowball devices are designed for efficient data transfer and can also perform edge computing tasks.

Snowmobile - Snowmobile is a massive, truck-sized data transfer service capable of moving up to 100 petabytes of data in a single trip.

Question 18

Summarize CloudFront and cost management

Answer 18

By optimizing content delivery and reducing unnecessary data transfer, Amazon CloudFront helps in managing operational costs effectively while maintaining high performance and security standards. The combination of caching, efficient data transfer, and integrated edge computing capabilities makes CloudFront a cost-effective choice for delivering content globally.

Question 19

What does right sizing mean

Answer 19

Right sizing is a concept in cloud computing and IT resource management that involves adjusting the size and configuration of computing resources to best fit the actual workload needs.

Question 20

What does elasticity mean

Answer 20

Elasticity in the context of cloud computing refers to the ability of a cloud service to automatically scale its resource capacity up or down according to the current demand.

Question 21

How does ElastiCache help with performance and scalability?

Answer 21

ElastiCache allows you to significantly improve application performance by caching frequently accessed data and reducing the load on backend databases.

It supports horizontal scaling with the ability to add or remove nodes on demand and provides read replicas and sharding for Redis to scale read-heavy and write-heavy workloads.

Question 22

How does ElastiCache help with High Availability and Reliability

Answer 22

Automatic Failover: In case of a node failure, ElastiCache can automatically detect the failure and reroute traffic to healthy nodes.

Multi-AZ Deployments: For Redis, ElastiCache supports Multi-AZ with automatic failover, ensuring high availability and reliability of your cached data.

Question 23

When to use ALB, NLB, CLB, GLB

Answer 23

ALB - Load balancing HTTP and HTTPS layer 7 traffic (application layer)

NLB - TCP and UDP traffic and operate at Layer 4 (transport layer)

CLB - Basic level 4 and 7 with no advanced features

GLB - Global user base ensures high availability and automatically directs traffic to healthy endpoints

Question 24

Summarize Read Replicas

Answer 24

Read replicas are created using asynchronous replication from the source database instance. This means changes made to the primary database are eventually propagated to the replicas, though there might be some replication lag.

As the name suggests, read replicas are used for read-only operations, such as SELECT queries, to alleviate the load on the primary database, which handles write operations.

In certain scenarios, read replicas can be promoted to standalone instances to serve as a backup in case the primary database becomes unavailable, although they do not provide automatic failover capabilities like a Multi-AZ deployment.

Question 25

What is RTO?

Answer 25

Recovery Time Object - It represents the maximum acceptable amount of time that a system, application, or business process can be down after a failure or disaster before it must be restored to operational status.

Question 26

What is RPO?

Answer 26

Recovery Point Object - It defines the maximum acceptable amount of data loss measured in time that a business can tolerate due to a disruption. In other words, RPO represents the age of the data you need to restore in order to resume normal operations after a failure.

Question 27

What is Throttling

Answer 27

Throttling is a technique used to control the amount of traffic sent or received by a network or a server application. It helps prevent overload by limiting the number of requests that can be processed over a specified period.

Question 28

Summarize Routes in a VPC

Answer 28

Within a VPC, routing is a crucial aspect that determines how network traffic is directed. Routes in a VPC are specified in route tables, which control the network traffic flow within and outside the VPC.

Question 29

Common Route Targets

Answer 29

Internet Gateway - A route to an IGW is necessary for public subnets, which allow outbound internet traffic.

NAT Gateway/Instance: Allows instances in a private subnet to initiate outbound IPv4 traffic to the internet, while preventing the internet from initiating a connection with those instances.

Virtual Private Gateway: Connects your VPC to a VPN or a Direct Connect connection for communication with on-premises networks.

Virtual Private Gateway: Connects your VPC to a VPN or a Direct Connect connection for communication with on-premises networks.

Transit Gateway: Facilitates connectivity between VPCs, AWS accounts, and on-premises networks.