EC2

Question 1

EC2

Answer 1

Web service that provides resizable compute capacity in the cloud

Question 2

EC2 Pricing Models

Answer 2

Dedicated, On Demand, Reserved and Spot

Question 3

Dedicated Hosts

Answer 3

Physical EC2 Server; server-bound software licenses

Question 4

On Demand

Answer 4

Pay fixed rate by the hour w/no commitment

Question 5

Spot

Answer 5

Bidding; flexible start and end times

Question 6

Reserved

Answer 6

Capacity reservation; 1/3 yr contracts

Question 7

Reserved Pricing Types

Answer 7

Standard, Convertible and Scheduled

Question 8

Spot instance termination

Answer 8

if terminated by AWS, you will not be charged for a partial hour of usage; if you terminate the instance, you will be charged

Question 9

Termination Protection

Answer 9

Turned off by default, you must turn it on

Question 10

What happens to the EBS root volume when instance gets terminated?

Answer 10

Default: Root EBS volume is deleted

Question 11

What happens to other non root volumes when instances gets terminated?

Answer 11

remains, it has to be deleted manually

Question 12

Can the EBS Root Volume of your default AMI be encrypted?

Answer 12

No but there are ways to do it

Question 13

Can additional volumes be encrypted?

Answer 13

Yes

Question 14

Inbound traffic default behavior

Answer 14

blocked

Question 15

Outbound traffic default

Answer 15

allowed

Question 16

When do changes for security groups take effect

Answer 16

immediately

Question 17

Security group relation to EC2 instances

Answer 17

M:M

Question 18

Security Group is STATEFUL

Answer 18

If you create an inbound rule, an outbound rule is created automatically (HTTP in, HTTP out). You don’t have to create it explicitly as part of the Security group Outbound rule.

Question 19

Network Access Control Lists (NACL) are STATELESS

Answer 19

If you create an inbound rule, you have to create the outbound rule explicitly; it will not be created automatically

Question 20

Blocking IP Addresses in Security Groups

Answer 20

cannot be done; it has to be done via the NACL

Question 21

Specifying rules in Security Groups

Answer 21

only allow rules, not deny rules

Question 22

EBS

Answer 22

Elastic Block Store - provides persistent block storage volumes for use with Amazon EC2 instances in the Cloud

Question 23

Types of EBS Storage

Answer 23

GP (SSD), PI (SSD), Througput Optimised HDD, Cold HDD and Magnetic

Question 24

GP SSD (Desc, Use Case, API Name, Volume Size, Max IOPS/Volume)

Answer 24

General purpose SSD, most work loads,gp2, 1 GiB- 16 TiB, 16,000

Question 25

PI SSD (Desc, Use Case, API Name, Volume Size, Max IOPS/Volume)

Answer 25

High performance, Databases, io1, 4 GiB - 16 TiB, 64,000

Question 26

Throughput Optimized HDD (Desc, Use Case, API Name, Volume Size, Max IOPS/Volume)

Answer 26

Low cost HDD for frequently accessed, throughput intensive workloads, Big Data& Data Warehouses, st1, 500GiB - 16 TiB, 500

Question 27

Cold HDD (Desc, Use Case, API Name, Volume Size, Max IOPS/Volume)

Answer 27

Lowest cost HDD for less frequently accessed workloads, File Servers, sc1, 500 GiB - 16 TiB, 250

Question 28

EBS Magnetic (Desc, Use Case, API Name, Volume Size, Max IOPS/Volume)

Answer 28

Prev gen HDD, Workloads where data is infrequently accessed, Standard, 1GiB - 1 TiB, 40-200

Question 29

EC2 instance and EBS Volume AZ

Answer 29

They have to be in the same AZ to avoid lag

Question 30

Volumes exist on

Answer 30

EBS (virtual hard disk)

Question 31

Snapshots

Answer 31

exist on S3; photographs of the disk - point in time copies of Volumes

Question 32

Snapshots are incremental

Answer 32

only the blocks that have changed since your last snapshots are moved to S3 (deltas)

Question 33

Creating first snapshot

Answer 33

will take time to create

Question 34

AMIs can be created from

Answer 34

Volumes and snapshots

Question 35

Changing EBS volume sizes on the fly can be done for

Answer 35

can be done for size and storage

Question 36

How to move an Ec2 volume from one AZ to another

Answer 36

1. Take a snapshot of it
2. Create an AMI from the snapshot
3. Use AMI to launch the Ec2 instance in the new AZ

Question 37

How to move an Ec2 volume from one region to another

Answer 37

1. Take a snapshot of it
2. Create an AMI from the snapshot
3. Copy the AMI from one region to the other
4. Use the copied AMI to launch the new Ec2 instance in the new Region

Question 38

Snapshots of encrypted volumes are

Answer 38

encrypted aumotatically

Question 39

Volumes restored from encrypted snapshots are

Answer 39

encrypted aumotatically

Question 40

When can you share snapshots

Answer 40

only if they are unecrypted

Question 41

How can you share snapshots

Answer 41

other AWS accounts or made public

Question 42

AMI can be selected based on

Answer 42

1. Region
2. OS
3. Architecture (32/64)
4. Launch Permissions
5. Storage for Root Device

Question 43

2 types of storage for root device

Answer 43

1. EBS - launched from the AMI that is an amazon EBS volume created from an Amazon EBS snapshot
2. Instance Store - launched from the AMI that is an instance store volume created from a template stored in Amazon S3

Question 44

Instance store volumes are sometimes called

Answer 44

Ephemeral Storage

Question 45

Diff between instance store volume and EBS backed instance

Answer 45

1. Instance store volumes cannot be stopped, if the underlying host fails, you will lose your data. EBS can be stopped and you will not lose data when stopped.
2. By default, both root volumes will be deleted on termination but with EBS, you can tell AWS to keep the root device volume

Question 46

Similarity between EBS and instance store

Answer 46

You can reboot both, you will not lose your data

Question 47

Root device encryption by default

Answer 47

uencrypted

Question 48

If a snapshot is encrypted, can you unencrypt it?

Answer 48

NO

Question 49

Steps to encrypt the root device volume

Answer 49

1. Create a snapshot of the unencrypted root device volume.
2. Create a copy of the Snapshot and select the encrypt option.
3. Create an AMI from the encrypted snapshot
4. Use that AMI to launch new encrypted instances

Question 50

Amazon Cloudwatch

Answer 50

is a monitoring service to monitor your AWS resources, as well as the applications that you run on AWS

Question 51

CloudWatch can monitor

Answer 51

1. Compute - EC2 instances, Autoscaling Groups, Elastic Load Balancers, Route 53 Health Checks
2. Storage & Content Delivery - EBS Volumes, Storage Gateways, CloudFront

Question 52

Host level metrics consists of

Answer 52

1. CPU
2. Network
3. Disk
4. Status Check

Question 53

AWS CloudTrail

Answer 53

increases visibility into your user and resource activity by recording AWS Management Console Actions and API calls.

Question 54

Difference between CloudWatch and CloudTrail

Answer 54

> Cloudwatch monitors performance (gym trainor) while cloudtrail monitors API calls in the AWS Platform (CCTV)
Cloudwatch = Performance; CloudTrail = Auditing

Question 55

CloudWatch with EC2 will monitor events every

Answer 55

5 mins by default (detailed monitoring can be turned on - 1 min intervals)

Question 56

Who is provisioning what resource in AWS such as S3 or EC2 – CloudTrail or CloudWatch?

Answer 56

CloudTrail

Question 57

Figuring out what the network throughput is or disk IO on your EC2 instance – CloudTrail or CloudWatch

Answer 57

CloudWatch

Question 58

What can you do with Cloudwatch?

Answer 58

1. Dashboards
2. Alarms
3. Events
4. Logs

Question 59

CLI

Answer 59

AWS Command Line Interface

Question 60

How can you use CLI to access your Ec2 instances

Answer 60

setup access in IAM

Question 61

Roles versus access key

Answer 61

1. Roles are more secure
2. Roles are easier to manage
3. Roles can be assigned to an Ec2 instance after it is created using both the console & command line.
4. Roles are universal - you can use them in any region.

Question 62

Bootstrap scripts

Answer 62

> run when an Ec2 instance first boots

> powerful way of automating software installs and updates

Question 63

Instance meta data

Answer 63

curl http://169.254.169.254/meta-data/

Question 64

Instance user data

Answer 64

curl http://169.254.169.254/user-data/

Question 65

Amazon EFS

Answer 65

a file storage service for Amazon Elastic Compute Cloud (EC2) instances

Question 66

Can an EBS volume be shared by 2 EC2 instances?

Answer 66

No

Question 67

Can EFS volume be shared by 2 EC2 instances?

Answer 67

Yes

Question 68

EFS supports

Answer 68

NFSv4 protocol

Question 69

EFS storage

Answer 69

pay for the storage you use (no pre-provisioning required)

Question 70

EFS scale

Answer 70

petabytes

Question 71

EFS can support # of concurrent NFS connections

Answer 71

thousands

Question 72

Data in EFS is stored across multiple AZs within a region - true or false

Answer 72

true

Question 73

EFS Consistency

Answer 73

Read after Write Consistency

Question 74

2 types of placement group

Answer 74

1. Clustered

2. Spread

Question 75

Cluster placement group

Answer 75

grouping of instances within a single AZ

Question 76

Cluster placement group are recommended for

Answer 76

applications that need low network latency, high network throughput or both

Question 77

Spread placement group

Answer 77

group of instances that are each placed on distinct underlying hardware

Question 78

Spread placement group are recommended for

Answer 78

applications that have a small number of critical instances that should be kept separate from each other

Question 79

Diff between spread and clustered

Answer 79

Clustered can’t span multiple AZs but spread can

Question 80

Naming of placement group

Answer 80

must be unique within your AWS account

Question 81

Types of instances that can be launched in a placement group

Answer 81

Compute Optimized, GPU, Memory Optimized, Storage Optimized

Question 82

AWS recommends what to be placed in placement groups

Answer 82

homogenous instances

Question 83

Can you merge placement groups

Answer 83

no

Question 84

can you move an existing instance into a placement group

Answer 84

no

Question 85

How to move an existing instance into a placement group

Answer 85

1. Create an AMI from your existing instance

2. Launch a new instance from the AMI into a placement group