EC2

Question 1

___ is a web service that provides resizeable compute capacity in the cloud. It reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computiing requirements change.

Answer 1

ec2

Question 2

____ allows you to pay a fixed rate by the hour ( oor by the secnod) with no committment

Answer 2

on demand

Question 3

provides you with a capacity reservationo, and offer a significant discount on the hourly charge for an instance. Contract Terms are 1 year or 3 yeaar terms.

Answer 3

reserved

Question 4

enables you to bid whatever price you want for instance capacity, providing for even greater savings if your apps have flexible start and end times.

Answer 4

spot

Question 5

physical ec2 servers dedicated for your use. they can help you reduce costs by allowing you to use your existing server-bound software licenses.

Answer 5

dedicated hosts

Question 6

users that want the low cost and flexibility of ec2 without any up fronot payment or long term contract will use_____

Answer 6

on demand

Question 7

apps with short term, spiky, or unpredictble workloads thata cannot be interrupted should use ___ ec2

Answer 7

on demand

Question 8

apps being developed or tested on ec2 for the first time should use _____ instances

Answer 8

on demand

Question 9

apps with steady state or predictable usage should use thiss type of instance:

Answer 9

reserved

Question 10

apps that require reserved capacity should use this type of instance

Answer 10

reserved

Question 11

users able to make upfront payments to reduce their total computing costs even further should use this type of instance

Answer 11

reserved

Question 12

These instnaces offer up to 75% off on demand instances. The more you pay uip front nd the longer the contract, the greater the discount.

Answer 12

standrd reserved instances

Question 13

These instances offer up to 54% off on demand capability to change the attributes of the RI as long as the exchaange results in the creation of Reserved Instances of equal or greater value

Answer 13

convertible reserved instances

Question 14

these instances are availble to launch within the time windows you reserve. This option allows you to match your capcaity reservtion to a predictable recurring schedule that only requires a fraction of a day, a week, or a month.

Answer 14

scheduled reserved instances

Question 15

apps that have flexible start and end times uses this type of instance

Answer 15

spot pricing

Question 16

apps that are only feasible at very low compute pricess use this type of intsanace

Answer 16

spot pricing

Question 17

uesrs with urgent computing needs for larage amounts of additional capacity

Answer 17

spot pricing

Question 18

this type of intsance is uesful for regulatory requirementss thaat maay not support multi-tenant virtualization.

Answer 18

dedicated hosts

Question 19

thiss type of intanace is great for licensing which does not support multi-tenacy or cloud deployments.

Answer 19

dedicated hosts

Question 20

this type of instance can be purchased on demand

Answer 20

dedicated hosts

Question 21

Termination protection is turned ___ by default.

Answer 21

off

Question 22

on an ebs backed instance, the default action is for the root ebs volume to be ____ when teh instance i terminated.

Answer 22

deleted

Question 23

EBS Root volumes of your default AMIs ___ be encrypted. You ___ also uses a third party tool (such as bit locker) to encrypt the root volume, or this can be done when creating AMIs in teh AWS console or using the API.

Answer 23

can

Question 24

All ___ traffic is blocked by default

Answer 24

inbound

Question 25

SG

All ____ traffic is allowed

Answer 25

outbound

Question 26

Changes to security groups take effect _____

eventually

immediately

within 1 minute

Answer 26

immediately

Question 27

you an have ____ number of ec2 instances within a security group

Answer 27

any

Question 28

you can have ____ security groups attached to ec2 instances.

Answer 28

multiple

Question 29

security groups are ____

Answer 29

stateful

Question 30

if you create a(n) ___ rule allowing traffic___, that traffic is automatically allowed ___ again.

Answer 30

in, in ,out

Question 31

You cannot block specific IP addresses using security group, instead use ___ ___ ___ ___

Answer 31

network access control lists

Question 32

in SG you can specifically ___ rules, but not ___ rules

Answer 32

allow, deny

Question 33

___ ___ ___ provides persistent block storage volumes for use with ec2 instanaces in aws cloud. each___ volume is automatically replicated within its AZ to protect you from component failure, offering HA and durability.

Answer 33

elastic block store

Question 34

name the 5 types of ebs storage

Answer 34

general purpoes (SSD)

provisioned IOPS (SSD)

throughput optimised hard disk drive

cold hard disk drive

magnetic

Question 35

this type of ebs volume balances price and performance for a wide variety of transactional workloads

Answer 35

general purpose ssd

Question 36

this type of ebs volume is the highest performance SSD volume designed for mission criticaal apps

Answer 36

provisionoed iops ssd

Question 37

this type of ebs volume is low cost hdd volume designed for frequently aaccessed, throughput intensive workloads

Answer 37

throughput optimized hdd

Question 38

this type of ebs volume is designed for less frequently accessed workloads

Answer 38

cold hdd

Question 39

thiss type of ebs volume is a previous generation hdd

Answer 39

magnetic

Question 40

this ebs use case = most work loads

Answer 40

general purpose ssd

Question 41

this ebs use case = databases

Answer 41

provisioned iops ssd

Question 42

this ebs use case = big data and data warehouses

Answer 42

throughput optimized hdd

Question 43

this ebs use case = file servers

Answer 43

cold hdd

Question 44

this ebs use case = workloads where data is infrequently accessed

Answer 44

ebs maagnetic

Question 45

ebs api name for generaal purpose ssd

Answer 45

gp2

Question 46

ebs api name for provisioned iops ssd

Answer 46

io1

Question 47

ebs api name for throughput optimized hdd

Answer 47

st1

Question 48

ebs api name for cold hdd

Answer 48

sc1

Question 49

ebs api name for ebs maagnetic

Answer 49

standard

Question 50

general purpose ssd max iops / volume

Answer 50

16,000

Question 51

provisionied iops ssd max iops / volume

Answer 51

64,000

Question 52

throughput optimized ssd max iops / volume

Answer 52

500

Question 53

cold hdd max iops / volume

Answer 53

250

Question 54

ebs mgnetic max iops / volume

Answer 54

40-200

Question 55

general purpose ssd volume size

Answer 55

1GiB - 16 TiB

Question 56

provisioned iops ssd volume size

Answer 56

4GiB-16 TiB

Question 57

throughput optimized hdd volume size

Answer 57

500GiB - 16TiB

Question 58

Cold HDD volume size

Answer 58

500GiB- 16 TiB

Question 59

EBS Magnetic volume size

Answer 59

1 GiB- 1 TiB

Question 60

volumes exist on ___. THink of ___ as a virtual hard disk.

Answer 60

EBS

Question 61

_____ exist on S3. Think of ___ as a photograph of the disk.

Answer 61

snapshots

Question 62

___ are a point in time ocpies of volumes

Answer 62

snapshots

Question 63

Snapshots are ____ - this means that only the blocks that have changed since your last snapshot are moved to S3.

Answer 63

incremental

Question 64

if this is your first snapshot, it may take some time to create

T or F

Answer 64

T

Question 65

To create a snapshot for EBS volumes that serve as root devices, you should ___ the isntances before taking the snapshot

Answer 65

stop

Question 66

you cannot take a snap while the instance is running

T or F

Answer 66

F

You can!

Question 67

You cannot create AMIs from snapshots

Answer 67

False

you can!

Question 68

you cannot change EBS volume sizes on the fly, including changing the size and storage type.

Answer 68

False, you can!

Question 69

volumes will never be in the same AZ as the EC2 instance

T or F

Answer 69

false, they will always be in same AZ

Question 70

To move an ec2 volume from one region to another, take a snapshot of it, create an AMI from the snapshot and then copy the ami from one region to the other. then use the copied AMI to launch the new EC2 instance in the new region.

T or F

Answer 70

t

Question 71

You can select AMIs based on : pick 5:

region

OS

architecture (32 bit or 4 bit)

launch permissions

storage for the root device (instance store (ephemeral storage) (ebs backed volumes))

color

Answer 71

region

OS

architecture (32 bit or 4 bit)

launch permissions

storage for the root device (instance store (ephemeral storage) (ebs backed volumes))

Question 72

All AMIs are categorized as either backed by EBS or backed by __ ___

Answer 72

instance store

Question 73

For EBS volumes: the root device for an instance launched from the AMIs is an EBS volume created from an EBS snapshot

T or F

Answer 73

True

Question 74

FOr Instance store volumes: the root device for an instance launched from the ami is an instance store volume created from a template stored in s3.

t or f

Answer 74

t

Question 75

instance store volumes are sometimes called ____ ____

Answer 75

ephemeral storage

Question 76

___ ___volumes cannot be stopped. If the underling host fails, you WILL lose your data.

Answer 76

instance store

Question 77

___backed instances can be stopped. YOu will NOT lose the data on this instance if it is stopped.

Answer 77

EBS

Question 78

YOu can reboot both EBS and instance store volumes and not lose data.

T or F

Answer 78

T

Question 79

by default, both ___ volumes will be deleted on termination. However, with EBS volumes, you can tell AWS to keep the ___ device

Answer 79

root

root

Question 80

ENi =

Answer 80

elastic network interface

Question 81

what is an elastic network interface

Answer 81

essentially a virtual network card

Question 82

EN =

Answer 82

enhanced networking

Question 83

___ ____ uses single root IO virtualization (SR-IOV) to provide high performance networking capabilities on supported instance types.

Answer 83

enhanced networking

Question 84

___ ___ ___ a network device that you can attach to your EC2 instance to accelerate HIGH Performance COmputing and machine learning applications.

Answer 84

elastic fabric adapter

Question 85

These are the specs of what?

a primary private IPv4 address from the IPV4 address range of your VPC

one or more secondary private IPv4 addresses from teh IPv4 address range of our VPC

One elastic ip address (ipv4) per private ipv4 address

one public ipv4 address

one or more ipv6 addresses

one or more security groups

a MAC address

a source/destination check falg

a description

Answer 85

ENI

Question 86

scenarios for network interfaces:

create a management network

use network and security appliances in your VPC

create dual-homed instances with workloads/roles on distinct subnets

create a low budget, high-availbility solution.

T or F

Answer 86

T

Question 87

___ ____ uses single root IO virtualization (SR-IOV) to provide high performance networking capabilities on supported instance typoes. SR-IOV is a method of device virtualization that provides higher IO performance and lower CPU utilization when compared to traditional virtualized network interfaces.

Answer 87

enhanced networking

Question 88

___ ____ provides higher bandwidth, high packer per second(PPS) performance, and consistently lower inter-instance latencies. There is no additional charge for using ___ ___

Answer 88

enhanced networking

Question 89

use __ ___ where you want good network performance

Answer 89

enhanced networking

Question 90

___ ___ ___ supports network speeds of up to 100 GBPs for supported instance types.

Answer 90

elastic network adapter

Question 91

INtel 82599 ___ ___ interface, which supports network speeds of up to 10GBps for supported insance types. THis is typically used on older instances.

Answer 91

virtual function (VF)

Question 92

in scenario questions choose ena over VF if given the option

Answer 92

seriously. choose ENA

Question 93

a __ ___ ___ is a network device that you can attach to your EC2 instance to accelerate HIGH performance computing (HPC) and machine learning

Answer 93

elastic fabric adapter

Question 94

EFA provides ___ and more consistent latency and ___ throughput than the TCP transport traditionally used in cloud based HPC systems

Answer 94

lower, higher

Question 95

_______ enabled HPC and machine learning apps to bypass the OS kernel and to communicate directly with the EFA device. It makes it a lot faster with a lot lower latency. Not supported with WIndows currently, only Linux

Answer 95

OS-bypass

Question 96

Match each: ENI, Enahanced Network, Elastic Fabric Adaptor

for when you need to accelerate High performance computing and machine learning apps or if you need to do an OS by pass. if you see a scenario questiuon mentioning HPC or ML and asking what network adapter you want, choose this.

______

For basic networking. perhaps you need a separate management network to your production network or a separate logging network and you need to do this at a low cost. in this scnario use multiple ___ for each network.

______

For when you need speeds between 10GBps and 100GBps. anywhere you need reliable high throughput

Answer 96

Elastic Fabric Adapter

for when you need to accelerate High performance computing and machine learning apps or if you need to do an OS by pass. if you see a scenario questiuon mentioning HPC or ML and asking what network adapter you want, choose this.

ENI:

For basic networking. perhaps you need a separate management network to your production network or a separate logging network and you need to do this at a low cost. in this scnario use multiple ___ for each network.

Enhanced Network:

For when you need speeds between 10GBps and 100GBps. anywhere you need reliable high throughput

Question 97

T or F

snapshots of encypted volumes are encrypted automatically

Answer 97

T

Question 98

volumes restored from encrypted snapshots are NOT encrypted automatically

T or F

Answer 98

False they are encrypted automatically

Question 99

you can share snapshots, but only if they are unencyrpted

t or f

Answer 99

t

Question 100

these snapshots cna be shared with other AWS accounts or even made public

T or F

Answer 100

t

Question 101

you cna now encrypt root device volumes uppon creation of the ec2 instance

Answer 101

T

Question 102

old encryption method of unencrypted root volume:

create snapshot of root device volume

create a copy of snapshot and select the encrypt option

create an AMI from teh encrypted snapshot

use that AMI to launch new encrypted instances

Answer 102

Yes

Question 103

___ ____ let you take advantage of unused EC2 cap[acity in the aws cloud. ____ ___ are avialble at up to a 90% discount compared to on-demand prices. YOu can use ___ ___ for various stateless, fault-tolerant, or flexible apps, such as big data, containerized workloads, CI/CD, web servers, high performance computing (HPC) and other test and dev workloads.

Answer 103

spot instances

Question 104

The ___ spot price varies depending on region and capacity

Answer 104

hourly

Question 105

if the spot price goes above your max, you have ___ minutes to choose whether to stop or terminate your instance.

Answer 105

2

Question 106

To use spot instances, you must first decide on your max spot price. THe instance will be provisioned so long as the spot price is ___ your max spot price

Answer 106

below

Question 107

Use a ___ ___ to stop your spot instances form being temrinated even if the spot price goes over your max spot price. You can set ___ ____ for between ___ ___ hours.

Answer 107

spot blocks

spot blocks

one to six

Question 108

____ ___ are useful for the following tasks:

big data an analytics

containerized workloads

CI/CD and testing

web servers

image and media rendering

high performance computing

Answer 108

spot instances

Question 109

___instances are not good for:

persistent workloads

critical jobs

databases

Answer 109

spot

Question 110

a ___ ___ is a collection of spot instances and optionally on demand instances

Answer 110

spot fleet

Question 111

the spot fleet attempts to launch the number of spot instances and on demand instances to meet the target capacity you specified in the spot fleet request. the request for spot instances is fulfilled if there is available capacity and the max price you specified in the request ___ the current spot price. The spot fleet also attempts to maintain its target capacity fleet if your spot instances are interrupted.

Answer 111

exceeds

Question 112

T or F

spot fleets will trya nd match the target capacity with your price restraints

Answer 112

True

Question 113

launch pools:

setup different launch ____. define things like EC2 instance type, operating system, and AZ

you can have ____ pools, and the fleet will choose the best way to implement depending on the strategy you define

spot fleets will ___ launching instances once you reach your price threshold or capacity desire

Answer 113

pools

multiple

stop

Question 114

lowestprice; InstancePoolsToUseCount; diversified; capacityOptimized

match with descriptions:

the spot instances come from the pool with optimal capacity for the number of instances launching

___

the spot instances are distributed across the pools

___

the spot instances come from the pool with lowest price. default

___

the spot instances are distributed across the number of spot instance pools you specify. this parameter is valid only when used in combination with lowest price.

Answer 114

capacityOptimized - the spot instances come from the pool with optimal capacity for the number of instances launching

___

diversified - spot instances are distributed across the pools

___

lowestprice - spot instances come from the pool with lowest price. default

___

InstancePoolsToUseCount - spot instances are distributed across the number of spot instance pools you specify. this parameter is valid only when used in combination with lowest price.

Question 115

spot instances can save up to ___% of the cost of on demand instances.

Answer 115

90

Question 116

spot instances are useful for anytype of computing where you don’t need ___ storage

Answer 116

persistent

Question 117

you can block spot instances from terminating by using ___ ____

Answer 117

spot block

Question 118

a __ ___ is a collection of spot instances, and optionallyu on demand instances.

Answer 118

spot fleet

Question 119

___ saves the contents from the instance memory (RAM) to your ENS root volume. We persist the isntance’s EBS root volume and anyattache EBS data volumes.

Answer 119

Hibernation

Question 120

When you start your instance out of hibernation:

teh EBS root volume root volume is restored to its previous state

the ram contents are reloaded

the processes that were previously running the instance are resumed.

previously attached data volumes are reattached and the instance retains its instance ID

Answer 120

yes

Question 121

ec2 hibernate is good for:

long running processes

services that take time to initialize

Answer 121

yes

Question 122

to use hibernation the root volume must be encyrpted

t or f

Answer 122

t

Question 123

ec2 hibernate facts:

preserves the in memory ram on persistent storage

much faster to boot up because you dont need to reload the OS

instance RAM must be less than 150GB

instance families include c3, c4, c5, m3, m4, m5, r3, r4, and r5

available for windows, aws linux 2, ubuntu

instances can’t be hibernated for more than 60 days

Answer 123

yes

Question 124

• EFS supports the network file system verison 4 (NFSv4) protocol
• you only pay for the storage you use (no pre-provisioning required)
• can scale up to the PB
• can support thousands of concurrent NFS connections
• data is stored across multiple AZs within a region
• read after write consistency

Answer 124

yes

Question 125

instance metadata is used to get information about an instance. what can you get?

Answer 125

IP address

Question 126

what does this command do?

curl http://169.254.169.254/latest/meta-data

Answer 126

lists instance meta data

Question 127

what does this command do?

curl http://169.254.169.254/latest/user-data

Answer 127

gets instance user data

Question 128

This service is a managed windows server that runs SMB based file services

it is designed for windows and windows apps

it supports AD users, access control lists, groups and security policies, along with distributed file system (DFS) namespaces and replication.

Answer 128

Windows FSx

Question 129

FSx for ___ is a fully managed file system that is optimized for compute intensive workloads, sich as high perofrmance computing, machine learning, media data processing workflows, and electronic design automation (EDA)

Answer 129

Lustre

Question 130

with FSx, you can launch and run a ____ fiule system that can process massive data sets at up to hundreds of GB per second of throughput, millions of IOPS, and sub-millisecond latencies.

Answer 130

lustre

Question 131

FSx for Lustre can store data directly on S3

Answer 131

t

Question 132

a cluster ___ ____ is a grouping of instances within a single AZ. ___ ____ are recommended for apps that need low network latency, high network throughput, or both.

only certain isntances can be launched into a clustered __ ___

Answer 132

placement group

Question 133

a ___ placement group is a gorup of instances that are each placed on distinct underlying hardware.

Answer 133

spread

Question 134

____ placement groups are recommended for apps that have a small number of critical instances that shouldbe kept seprate from each other.

Answer 134

spread

Question 135

when using ____ placement groups, ec2 divides each group into logical segments. this uses multiple instances and isolates from hardware failure.

Answer 135

partition

Question 136

Match the placement group:

clustered, spread, partitioned

multiple ec2 instances HDFS, HBase, and Cassandra

Low Network Latency/ HIgh Network Throughput

Individual Critical EC2 intances

Answer 136

partitioned - multiple ec2 instances HDFS, HBase, and Cassandra

clustered - Low Network Latency/ HIgh Network Throughput

spread - Individual Critical EC2 intances

Question 137

a ___ placement group cannot span multiple Azs

Answer 137

clustered

Question 138

___ and ___ placement groups can span multiple AZs

Answer 138

spread and partitioned

Question 139

The name you specify for a placement group must be ____ within your AWS account.

Answer 139

unique

Question 140

only certain types of instances can be launched in a placement group

(compute optimized, GPU, memory optimized, storage optimized)

Answer 140

yes

Question 141

aws recommends _____ instances within clustered placement groups

Answer 141

homogenous

Question 142

you can merge placement groups

T or F

Answer 142

False, you cannot merge them

Question 143

you can move an existing instance into a placement group. before you move the instance, the instance must be in the stopped state. you cna move or remove an instance using the cli or sdk, you can’t do it via the console yet.

t or f

Answer 143

true

Question 144

___ ___ ___ is a network device you can attach to hyour ec2 instance to accelerate HPC and machine learning apps.

Answer 144

elastic fabric adapter

Question 145

aws ____ enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on aws.

Answer 145

batch

Question 146

aws batch supports multi node ____ jobs, which allows you to run a single job that spans multiple ec2 instances

Answer 146

parallel

Question 147

____ is an open source cluster mgmt tool that makes it easy for you to deploy and manage HPC clusters on aws.

Answer 147

parallel cluster

Question 148

____ ____ uses a simple text file to model and provision all the resources needed for your HPC apps in an automated and secure manner.

Answer 148

parallel cluster

Question 149

waf =

Answer 149

web application firewall

Question 150

___ lets you monitor the http and https requests that are forwarded to cloudfront, and app load balancer or API gateway.

it also lets you control access to your content.

Answer 150

WAF

Question 151

waf lives in what layer of OSI?

Answer 151

7

Question 152

WAF allows 3 types of behavior

1. allow all requests except the ones you specify
2. block all requests except the ones you specify
3. count the requests that match the properties you specify

Answer 152

yes

Question 153

WAF characteristics you can use to block traffic:

ip addy

country

values in headers

strings in requests

length of requests

presence of SQL code that is malicious

presence of a script that is likely to be malicious

Answer 153

yes

Question 154

Network ACLs block malicious IPs

Answer 154

yes

Question 155

What are the 2 underlying Hypervisors for EC2?

Answer 155

Xen and Nitro

Question 156

You cana only run a max of ___ instances per AZ in a spread placement group

Answer 156

7

Question 157

Which AWS CLI command should I use to create a snapshot of an EBS volume?

Answer 157

aws ec2 create-snapshot