EXAM TIPS Flashcards
1
Q
Advantage Of Cloud: Trade capital Expense
A
For Variable Expense
2
Q
Advantage Of Cloud: Benefit from massive
A
economies of scale
3
Q
Advantage Of Cloud: Stop guessing about this
A
Capacity
4
Q
Advantage Of Cloud: Increase both of these
A
Speed and Agility
5
Q
Advantage Of Cloud:
Stop spending money and maintaining these
A
Data Centers
6
Q
Advantage Of Cloud:
How quickly can you go global
A
Minutes
7
Q
Cloud Computing Type:
Infrastructure as a service
A
IAAS
8
Q
Cloud Computing Type:
Platform as a Service
A
PAAS
9
Q
Cloud Computing Deployment Type:
Software As A Service
A
SAAS
10
Q
Cloud Computing Deployment Type:
AWS, Azure, GCP
A
Public Cloud
11
Q
Cloud Computing Deployment Type:
Hybrid
A
Mixture of public and private
12
Q
Cloud Computing Deployment Type:
Private Cloud (On Premise)
Openstack, VM Ware
A
You manage it in your datacenter
13
Q
Physical location in the world that consists of two or more Availability Zones
A
Region
14
Q
One or more discreet data centers, with redundant power, networking and power housed in separate facilities
A
Availability Zone
AZ
15
Q
Endpoints for AWS used for caching content - typically for AWS CloudFront - CDN
A
Edge Locations
16
Q
Region choice based on Data Sovereignty
A
Laws
17
Q
Regions choice based on Latency to
A
End Users
18
Q
Region choice based on AWS
A
Services
19
Q
Support Package:
Basic
A
FREE
20
Q
Support Package:
Developer
A
$29 a month and scaled based on usage
21
Q
Support Package:
Business
A
$100 a month and scaled based on usage
22
Q
Support Package:
Enterprise
A
$15,000 a month and scaled based on usage
23
Q
Additional benefit of Enterprise Support Package
A
Technical Account Manager
TAM
24
Q
Identity Access Management
A
IAM
25
IAM is Global
You do not specify a region when dealing with IAM
26
When you create a user group with IAM this is created.
GLOBALLY
27
AWS Platform Access;
| Console
console
28
AWS Platform Access:
| Programatically
Using command line
29
AWS Platform Access
| Using Software Developers Kit
SDK
30
Email address you used to set up your AWS account
Root Account
31
What level of access does the Root Account have
Full administrator access
32
Who should you give your root account credentials away to?
No One
| EVER
33
To avoid using the Root Account create
a User for each individual within your organization,
34
The best way to secure your root account is to use
multi-factor authentication
35
A place to store your users
Group
36
Users will inherit all permissions
That the group has
37
To set permissions in a group you need to apply a
Policy
38
Policies consist of Javascript Notation (JSON)
Key Value Pairs
{"name":"A Cloud Guru"}
39
S3:
| File Type
Object based
allows you to upload files
40
S3:
| Files can be from 0 Bytes to
5 TB
41
S3:
| Storage
Unlimited
42
S3:
| File Storage
in Buckets.
43
S3:
| Namespace
Universal
| Names must be globally unique
44
S3:
| Url
https: //.amazonaws.com/
https: //s3-eu-west-1.amazonaws.com/acloudguru
45
S3:
| Operating system installation
Not suitable
46
S3:
| Successful upload code
HTTP 200
47
S3:
| Key
Name of the object
48
S3:
| Value
Data made up of a sequence of bytes.
49
PUTS of NEW objects
READ after WRITE consistency: RAW
50
Overwrite of PUTS and Deletes
Can take time and
| Eventual Consistency
51
S3: stored redundantly across multiple devices in multiple facilities and designed to sustain loss of 2 facilities concurrently
S3 Standard
52
S3: For data that is accessed less frequently but requires rapid access when needed
S3 - IA
53
S3 I-A is less expensive than S3 BUT you are charged a
Retrieval Fee
54
S3: Lower cost option for infrequently accessed data but do not require multiple availability zone dat resilience
S3 One Zone - IA
55
S3: Designed to optimize costs by automatically moving data to the most cost effective tier, without performance impact or operational overhead
S3 - Intelligent Tiering
56
S3: Secure, durable, low-cost storage class for data archiving with retrieval time from minutes to hours
S3 Glacier
57
S3: Amazon's lowest-cost storage class where a retrieval time of 12 hours is acceptable
S3 Glacier Deep Archive
58
S3 Standard Availability
99.99%
59
S3 Standard
| Durability
99.999999999%
| 11 9s
60
S3 Bucket Names: Share a common name space thus you cannot have the same bucket name as
Someone else
61
S3 bucket:
| Viewed
Globally
62
S3 Bucket:
| Region
can be in individual regions
63
S3 Bucket: replicate the contents of one bucket to another bucket automatiicly
Cross Region Replication
64
How quickly can you change storage classes and encryption of your objects
On the fly
65
S3 Bucket Access:
| Applies across whole bucket
Bucket Policy
66
S3 Bucket Access: Applies to individual files
Object Policies
67
S3 Bucket Access: Applies to users and groups
IAM Policies to Users & Groups
68
S3 Website Hosting:
Static websites such as .html
69
S3 Website Hosting - Wordpress
Cannot be hosted on S3
70
S3 Scales:
| To meet your demand
Automatically
71
The location where content will be cached and is separate to an AWS Region/AZ
Edge Location
72
Origin of all files that the CDN will distribute
Origin
73
Origin Type:
| S3
Bucket
74
Origin Type:
| EC2
Instance
75
Origin Type:
| Elastic Load Balancer
ELB
76
Origin Type:
| Route
53
77
Name given to the CDN that consists of a collection of Edge Locations
Distribution
78
Distribution used for Websites
Web Distribution
79
Distribution used for media streaming
RTMP
80
Edge locations are not just READ only
You can WRITE to them too.
| Put an object on them
81
Objects are cached for the life of
Time To Live
| TTL
82
Cached objects can be cleared BUT you
Will be charged
83
Web Service that provides resizable compute capacity in the cloud
Amazon Elastic Compute Cloud
| EC2
84
Amazon EC2 reduces the time required to obtain and boot new server instances to minutes allowing your to scale capacity
Up and Down as computing requirements change.
85
Pricing: Allows you to pay a fixed rate by the hour (or second) with no commitment
On Demand
86
Pricing: Provides you with a capacity reservation, an offers a significant discount on the hour charge for an instance
Reserved
87
Reserved contract terms
1 Year and 3 Years
88
Pricing: Enables you to bid whatever price you want for instance capacity, providing for even greater savings if you applications have flexible start and end times
Spot
89
Pricing: Physical EC2 server dedicated for your use
Dedicated Hosts
90
Dedicated Hosts can reduce costs by allowing you to use your existing
server-bound software licenses
91
Spot Instances: If AWS terminates them
You will not be charged
92
Spot Instances: If you terminate the instance yourself
You will be charged for any hour the instance ran,
93
Virtual firewalls in the cloud
Security Groups
94
Port: SSH
22
95
Port: HTTP
80
96
Port: HTTPS
443
97
Port: RDP
3389
98
Always design for failure by having one EC2 instance
In each AZ
99
Much more secure and easier to manage than access key id's and secret access keys
Roles
100
When you apply roles to EC2 instances at any time - how quickly will these changes take place
Immediately
101
Roles are
Universal
102
Load Balancers:
| Layer 7 and Make Intelligent Decisions
Application Load Balancer
103
Load Balancer:
| Extreme performance and static IP addresses
Network Load Balancer
104
Load Balancer:
| Test & Dev to keep costs low
Classic Load Balancer
105
DynamoDB
No SQL
106
Red Shift
OLAP
107
RDS (SQL/OLTP)
SQL, MySQL, PostgreSQL, Oracle, Aurora, MariaDB
108
Business Intelligence or Data Warehousing
Redshift
109
To speed up performance of existing databases
Elasticache
| Frequent Identical Queries)
110
RDS: For Disaster Recovery
Multi-AZ
111
RDS: For Performance
Read Replicas
112
Amazon's DNS
Route 53
113
Route 53 is similar to IAM and S3 in that it's
Global
114
Route 53: Directs traffice
All around the world
115
Route 53: Register
Domain Names
116
Quickly deploy and manage applications in the AWS Cloud without worrying about the infrastructure that runs those applications
Elastic Beanstalk
117
With Elastic Beanstalk you simply upload you application and
it automatically handles the details of capacity Provisioning, load balancing, scaling and app health
118
Service that helps you model and set up your AWS resources so you can spend less time managing those resources and more time focusing on your app.
AWS CloudFormation
119
With AWS CloudFormation you create this that describes all the AWS resources you want and it takes care of provisioning and configuration for you
Template
120
With AWS CloudFormation you don't need to individually create and configure AWS resources and figure out what is dependent on what.
Handles Dependencies
121
Free Services
Elastic Beanstalk and CloudFront
122
Resources provisioned by Elastic Beanstalk and CloudFront are
NOT FREE
| like EC2 instances
123
Limited in what it can provision and is not programmable
Elastic Beanstalk
124
Can provision almost any AWS service and is completely programmable
AWS CloudFormation
125
https://dl.awsstatic.com/whitepapers/aws-overview.pdf
Read the day before the exam
126
Important Global Services
```
IAM
Route53
CloudFront
SNS
SES
```
127
AWS On Premise Services
```
Snowball
Snowball Edge
Storage Gateway
CodeDeploy
Opsworks
IoT Greengrass
```
128
Used for monitoring and performance
CloudWatch
129
CloudWatch can monitor most of AWS as well as
Your apps that run on AWS
130
By default CloudWatch with EC2 will monitor events
Every 5 minutes
131
CloudWatch detailed monitoring that must be turned on
1 minute intervals
132
You can create CloudWatch alarms with these
Trigger Notifications
133
CloudWatch is all about
Performance
134
Used to manage fleets of EC2 instances and VMs
Systems Manager
135
Systems Manager: This is installed on each VM
Piece of software
136
Systems Manager: location
inside AWS and on premise
137
Systems Manager: command to install, patch and uninstall software
RUN
138
Systems Manager: Integrates with this and gives you a dashboard of you entire estate.
CloudWatch
139
Alert you automatically when a certain level of AWS spend has been reached.
Billing Alerts/ Billing Alarms
140
S3: to make entire buckets public
Bucket Policies
141
Compute based server that is NOT serverless but is in fact a server
EC2
142
EC2: Connect
Private Key
143
Allows you to provision multiple EC2 instances behind a load balancer automatically depending on demand
Autoscaling
144
Capital expenditure where you pay up front
CAPEX
| fixed cost
145
Operational Expenditure where you pay for what you use
OPEX
| Utility bill, - electric, gas, water
146
Service used to budget or predict costs BEFORE they are incurred
Budgets
147
Service used to explore costs AFTER they have occurred
AWS Cost Explorer
148
Developer: General guidance
< 24 business hours
149
Developer: System Impaired
< 12 business hours
150
Business: General Guidance
< 24 hours
151
Business: System Impaired
< 12 hours
152
Business: Prod System Impaired
< 4 hours
153
Business: Prod System Down
< 1 hour
154
Enterprise: General Guidance
< 24 hours
155
Enterprise: System Impaired
< 12 hours
156
Enterprise: Prod System Impaired
< 4 hours
157
Enterprise: Prod System Down
< 1 hour
158
Enterprise: Business Critical system down
< 15 minutes
159
Attached to AWS Resources
Key Value Pairs
160
Data about Data
Metadata
161
Tag: Inheritence
Sometimes
162
Make it easy to group your resources using tags that are assigned to them.
Resource Groups
163
When groups share one or more tags
Put them in Resource Groups
164
Resource Groups by
Region
Name
Health Checks
165
You can apply automation to resources specified to specific tags with
Resource Groups
166
Resource groups combined with aws systems manager allow you to
Automate and control entire fleets of EC2 instances. with the push of a button
167
Global Service that allows discovery of resources and addition of tags to them
Tag Editor
168
The compatibility of Tag Editor is dubious for
New Regions
169
Best Practice: Always enable this on root account
Multi-Factor Authentication
170
Best Practice: use strong and complex one for root account
Password
171
Best Practice: Used for billing purposes only
Paying account.
| Do not deploy resources here,
172
Linked Account: Limit
20
173
Linked Account: Increase request
contact support
174
Billing Alerts: When this is enabled on the paying account, the billing data for all linked accounts is
Included
175
Billing Alerts: can be created for
Individual Accounts
176
CloudTrail: Per AWS Account and is enabled per
Region
177
CloudTrail can consolidate logs
1 Turn on CloudTrail in paying account
2 Create bucket policy that allows cross-account access
3 Turn on CloudFront in other accounts and use he bucket in the paying account
178
Allows you to get volume discounts on all your accounts
Consolidated Billing
179
Unused reserved instances for EC2 are applied
Across the group
180
On a per account and per region basis
CloudTrail
181
CloudTrail can be aggregated into a single bucket belonging to the
Paying Account
182
Service to deploy environments quickly, using CloudFormation templates built by AWS Solutions Architects that are experts in a particular technology
AWS Quick Start
183
Solution that helps users quickly set up secure, multi-account AWS environments based on AWS best practices
AWS Landing Zone
184
Used to calculate your running costs on AWS on a per month basis
Simple Monthly Calculator
185
Simple Monthly Calculator is NOT a
Comparison Tool
186
Used to compare costs of running your infrastructure on premise vs AWS Cloud,.
AWS TCO Calculator
187
AWS TCO Calculator generates these to help c level execs move to the cloud
Reports
188
Service designed to stop hackers
Web Application Firewall
| WAF
189
Mitigation service designed to stop DDOS attacks
AWS Shield
190
Service used for inspecting EC2 instances for vurlnerabilities
AWS Inspector
191
Inspects your AWS account as a whole providing more than just security checks - cost optimization, Performance and Fault Tolerance
AWS Trusted Advisor
192
Increases visibility into your user and resource activity by recording AWS Management Console actions and API calls
CloudWatch
193
CloudWatch identifies users and accounts
that called AWS
194
CloudWatch identifies where calls were made from via
Source IP Address
195
CloudWatch identifies when calls
were made
196
Used for monitoring performance
CloudWatch
197
Used to monitor configurations of AWS Resources
AWS Config
198
Interactive query service that allows you to query data located in S3 using standard SQL
Athena
199
Athena compute model
Serverless
200
Common use case for Athena
Analyze log data stored in S3
201
Uses AI to analyze data in S3 and helps identify PII
Amazon Macie
202
Amazon Macie can be used to analyze these for suspicious API activity
CloudTrail logs
203
Athena includes Reports and Alerting
Dashboards
204
Athena is great for preventing ID theft and for
PCI-DSS compliance
205
Used to retrieve compliance reports
AWS Artifact
