Exam2-part1 Flashcards
AWS Schema Conversion Tool (SCT)
- The AWS Schema Conversion Tool makes heterogeneous database migrations predictable by automatically converting the source database schema and a majority of the database code objects, including views, stored procedures, and functions, to a format compatible with the target database.
- SCT can also scan your application source code for embedded SQL statements and convert them as part of a database schema conversion project.
AWS Database Migration Service
- You can also continuously replicate your data with high availability (enable multi-AZ) and consolidate databases into a petabyte-scale data warehouse by streaming data to Amazon Redshift and Amazon S3.
- Supports transaction commit date partitioning in CDC Mode when you select Amazon S3 as a target. You can write data from a single source table to a time-hierarchy folder structure in Amazon S3.
Amazon GuardDuty
An intelligent threat detection service. It analyzes billions of events across your AWS accounts from AWS CloudTrail (AWS user and API activity in your accounts), Amazon VPC Flow Logs (network traffic data), and DNS Logs (name query patterns).
GuardDuty vs Macie
- Amazon GuardDuty provides broad protection of your AWS accounts, workloads, and data by helping to identify threats such as attacker reconnaissance, instance compromise, and account compromise.
- Amazon Macie helps you protect your data in Amazon S3 by helping you classify what data you have, the value that data has to the business, and the behavior associated with access to that data.
What does GuardDuty help you detect?
- GuardDuty analyzes CloudTrail management events and S3 data events
- GuardDuty processes all CloudTrail events that come into a region, including global events that CloudTrail sends to all regions, such as AWS IAM, AWS STS, Amazon CloudFront, and Route 53.
- VPC Flow Logs capture information about the IP traffic going to and from Amazon EC2 network interfaces in your VPC.
- If you use AWS DNS resolvers for your EC2 instances (the default setting), then GuardDuty can access and process your request and response DNS logs through the internal AWS DNS resolvers.
AWS GuardDuty Trusted IP Lists and Threat Lists
- Trusted IP lists consist of IP addresses that you have whitelisted for secure communication with your AWS infrastructure and applications. GuardDuty does not generate findings for IP addresses on trusted IP lists. At any given time, you can have only one uploaded trusted IP list per AWS account per region.
- Threat lists consist of known malicious IP addresses. GuardDuty generates findings based on threat lists.
AWS Snowball Edge
- A type of Snowball device with on-board storage and compute power for select AWS capabilities. It can undertake local processing and edge-computing workloads in addition to transferring data between your local environment and the AWS Cloud.
- Has on-board S3-compatible storage and compute to support running Lambda functions and EC2 instances.
AWS Snowball Edge configurations
- Storage optimized – this option has the most storage capacity at up to 80 TB of usable storage space, 24 vCPUs, and 32 GiB of memory for compute functionality. You can transfer up to 100 TB with a single Snowball Edge Storage Optimized device.
- Compute optimized – this option has the most compute functionality with 52 vCPUs, 208 GiB of memory, and 7.68 TB of dedicated NVMe SSD storage for instances. This option also comes with 42 TB of additional storage space.
- Compute Optimized with GPU – identical to the compute optimized option, save for an installed GPU, equivalent to the one available in the P3 Amazon EC2 instance type.
AWS Secrets Manager
AWS Secrets Manager is an AWS service that makes it easier for you to manage secrets. Secrets can be database credentials, passwords, third-party API keys, and even arbitrary text. You can store and control access to these secrets centrally by using the Secrets Manager console, the Secrets Manager command line interface (CLI), or the Secrets Manager API and SDKs.
AWS KMS vs Secrets Manager
KMS helps you encrypt things such as files, strings, and S3 objects.
Secrets Manager stores the actual secrets, such as passwords.
AWS KMS returns a plaintext data key and a copy of that data key encrypted under the KMS key.
Secrets Manager uses the plaintext data key and the Advanced Encryption Standard (AES) algorithm to encrypt the secret value outside of AWS KMS. It removes the plaintext key from memory as soon as possible after using it.