Final Review Flashcards
The general software development lifecycle model talked about in the ACD materials consists of six general phases. Which of the following is not one of these phases?
- Maintain
- Design
- Deploy
- Plan
- Test
- Develop
- None of the above
Test
Which of the following is not generally true for a software development process that is following a strict Waterfall lifecycle model? Select two.
- Each phase has a distinct goal and is completed by performing specific kinds of tasks.
- The output of one phase is the input to the next phase.
- Developers have the flexibility of designing and implementing critical features early in the process.
- The phases are completed in sequential order.
- Customers can and are encourage to provide feedback to the team throughout the development process.
Developers have the flexibility of designing and implementing critical features early in the process.
Customers can and are encourage to provide feedback to the team throughout the development process.
With an Agile process, software is developed in short iterations, each being typically 1-4 weeks.
(True/False)
True
Only Agile processes support continuous integration and deployment activities.
(True/False)
False
When Cloud9 is hosted on an EC2 instance in AWS, is Cloud 9 IaaS, PaaS, or SaaS from the software developers’ perspective? Select the best answer.
IaaS or PaaS or SaaS
Cloud9 doesn’t neatly fall into any of the three categories. It some of the advantages of IaaS, in that starting and stopping of the EC2 is managed, but the developer need to update the OS and runtime. In some cases, the developer have to install of the runtime as well. It also some advantages of SaaS, since AWS installs Cloud9 and configures some features.
Cloud 9 supports a variety of build tools and runtime environments that allow you to work with common languages like C++, Java, PHP, and Python.
(True/False)
True
An ARN uniquely identifies an AWS resource. So when referring to a resource, it is mandatory that all the ARN subfields be specified.
(True/False)
False
An EC2 Service Client, created using an AWS SDK’s, is specific to a region.
(True/False)
True
If an EC2 Service Client throws a 500-series exception, the application should try a different operation – there is no sense in retrying the same operation.
(True/False)
False
Once a request (made through an SDK) makes it to an AWS service endpoint, it will always complete successfully.
(True/False)
False
Which of the following is not a significant benefit of using AWS X-Ray?
- Identify errors and bugs in the integration of the components that form a distributed application
- Build your own analysis and visualization applications
- Write executable unit-test cases for lambda functions
- Identify performance bottlenecks
- None of the above
- Write executable unit-test cases for lambda functions
Which of the following is not a feature of CloudWatch directly (i.e., CloudWatch itself instead of an associated service)?
- Automatically scales the number of EC2 in an Auto-Scaling Group.
- Collects and tracks metrics so that you can visualize and review them.
- Monitors your AWS Cloud resources and your cloud-powered applications.
- Lets you set alarms that will fire when a metric goes beyond a limit that you specified.
- Gives you visibility into resource utilization, application performance, and operational health.
- None of the above
Automatically scales the number of EC2 in an Auto-Scaling Group.
To take advantage of CloudTrail, you have to first enable it for your account.
(True/False)
False
Service clients (created from an AWS SDK) interact with AWS services through a RESTFul API. (True/False)
True
The AWS CLI can be used to perform operations on most kinds of AWS resources as long as the user identified by the credentials in default or specified profile is allowed to perform the operations.
(True/False)
True
Which of the following is not a best practice when developing cloud-based applications?
- Consider designing applications that are loosely coupled
- Log metrics and monitor performance
- Implement a strong DevOps model
- Design for failure
- Implement security in every layer
- None of the above
None of the above
Which of the following statements is most correct and complete?
- Authentication deals with the user account management; while authorization deals with what resources an authenticated user can access and what operations the user can perform.
- Authentication is the process of verifying usernames and passwords; while authorization deals with what resources an authenticated user can access and what operations the user can perform.
- Authentication deals with correctly identifying the user (which can be another software system) that wants to use resources; while authorization deals with the resources a user can access.
- Authentication deals with the user account management; while authorization deals with the resources a user can access.
- Authentication deals with correctly identifying the user (which can be another software system) that wants to use resources; while authorization deals with what resources the user can access and what operations the user can perform.
- Authentication is the process of verifying usernames and passwords; while authorization deals with the resources a user can access.
Authentication deals with correctly identifying the user (which can be another software system) that wants to use resources; while authorization deals with what resources the user can access and what operations the user can perform.
A user on AWS can be assigned to at most one group.
True/False
False
Roles can be used to grant transient (temporary) permissions to users or groups.
(True/False)
True
In AWS, a role can include at most one policy, but that policy can contain many permissions.
(True/False)
False
Which of the following things cannot be specified in a credential profile for programmatic access?
- Session Token
- Region
- Access Key Id
- Username and Password
- Secret Access Key
Username and Password
Which of the following are considered poor practices and are to be avoided? You may select zero or more choices.
- Use credentials files to store your credentials
- Use the root credentials of your AWS account for programmatic access
- Hardcode your credentials inside of your applications
- Once you create a key (like an access key for programmatic access), lock it in safe place and never change it
- Put your credentials file under version control and save in a Git repository
- Use IAM roles with temporary credentials for when you need to delegate temporary access to your AWS resources
- Use the root credentials of your AWS account for programmatic access
- Hardcode your credentials inside of your applications
- Once you create a key (like an access key for programmatic access), lock it in safe place and never change it
- Put your credentials file under version control and save in a Git repository
Identity-based policies are attached to the IAM user, group, or role and indicate what that identity can do.
(True/False)
True
Resource-based policies are attached to a resource and indicate what other resources the principal resource can access.
(True/False)
False
An action in a permissions statement can reference multiple operations using a wildcard pattern.
(True/False)
True
Managed policies can be associated with multiple users, groups, or roles?
(True/False)
True
Resource-based policies can be in-line policies.
True/False
True
In-line policies can be managed under version control and rolled back if necessary?
(True/False)
False
Briefly explain the principle of least privilege. Be concise, but accurate
Only grant the minimum needed privileges to a user or group. If the user or group needs access to additional privileges only add the privileges that the user needs. Do the same thing for resources, grant minimum needed privileges, and as more access is needed grant only the needed access. If granting temporary access is sufficient, do that first before granting permanent access.`
Which of the following is not a use case for S3?
- Backup archive
- Disaster recovery
- Content storage and distribution
- Dynamic website
- Data lake
- None of the above
- Dynamic website
Bucket names must be globally unique.
True/False
True
Which of the following are not a valid bucket name? Select all invalid bucket names.
- xy
- xyz
- xy_z
- xYz
- x#z
- xy-z
- xy
- xy_z
- xYz
- x#z
There are semantic differences between prefixes in object keys and folder paths in hierarchical file systems.
(True/False)
True
An S3 object can be accessed using a path-style URL or a URL that specifies the s3 server that holds the object’s bucket.
(True/False)
False
Which of the following would be valid object keys? Select all valid keys.
- a/b/c
- a/b/c.json
- a/b-c
- A/B/C.json
- A/B/C*.json
- None of the above
- a/b/c
- a/b/c.json
- a/b-c
- A/B/C.json
- A/B/C*.json
Which of the following statements is the most correct?
- With a multipart Put operation, you can upload any data to S3 as long as you do it in chunks <= 100 MB.
- With a multipart Put operation, you can upload data up to 5TB in size.
- With a multipart Put operation, S3 will automatically resume the data transfer in the correct spot if there is a network failure.
- With a multipart Put operation, which automatically partitions large data object into chunks less than <= 100 MB.
With a multipart Put operation, you can upload data up to 5TB in size.
Multiple Get operations can be used to retrieve very large objects from S3.
(True/False)
True
A Select operation can be used to significantly reduce the amount of data that has be transferred from S3 to the client’s machine.
(True/False)
True
If you decide that you no longer need versioning on an S3 bucket that currently has versioning enabled, you can simply disable the versioning and all but the last version of an object will be deleted.
(True/False)
False
In a bucket that is versioning-enabled, you can permanently delete an object by invoking a delete request with a delete key and version ID.
(True/False)
True
Which of the following statements is not true?
- With server-side encryption, Amazon S3 encrypts your data at the object level as it writes it to disks in its data centers.
- With server-side encryption using Amazon S3-Managed Keys (SSE-S3), each object is encrypted with a unique key that employs strong multi-factor encryption.
- With server-side encryption using Customer-Provided Keys (SSE-C), S3 manages the encryption and decryption of objects.
- With client-side encryption, the customer (or the customer’s app) must provide keys to S3 so it can encrypt and decrypt objects.
- All of the above
- None of the above
With client-side encryption, the customer (or the customer’s app) must provide keys to S3 so it can encrypt and decrypt objects.
Resource-based policies can be attached to S3 objects or buckets and control who can access those resources and what operations they can perform.
(True/False)
True
Object ACLs can grant permissions to users in your account to access specific objects in an S3 bucket.
(True/False)
False
Pre-signed URLs are useful if you want your user to be able to upload a specific object to your bucket without needing AWS security credentials or permissions.
(True/False)
True
A CORS Configuration can contain as many individual rules as needed to represent the desired constraints.
(True/False)
False
Which of the following is not considered a benefit of DynamoDB?
- It has fast, consistent performance
- It is fully managed
- It can perform powerful database operations, such as nested JSON queries
- It can store JSON documents directly into Amazon DynamoDB tables
- It offers fine-grained access control
- None of the above
- None of the above
Which of the following is not considered a use case for DynamoDB?
- Global systems that require multistep distributed nested transactions.
- Data store for microservices.
- Content storage for serverless web applications.
- Data store and streaming for IoT.
- Data store for the player state in game applications.
- Data store for mobile apps.
- Global systems that require multistep distributed nested transactions.
Which of the following statements are false? Select one or more.
- DynamoDB stores data in tables with fixed schema.
- A table may contain zero or more items and an item may contain one or more attribute values.
- An item is uniquely identifiable among all other items.
- An attribute is an atomic data element from a user’s perspective.
- A table must have a primary key.
- DynamoDB stores data in tables with fixed schema.
- An attribute is an atomic data element from a user’s perspective.
Which of the following types are valid types for attributes in DynamoDB? Select all that are valid types by themselves (i.e., without any conversions or use of other data types).
- Number
- Timestamp
- String Set
- XML Document
- Date
- List
- Binary
- Number
- String Set
- List
- Binary
A partition is an allocation of storage for a table, backed by solid-state drives (SSDs), and automatically replicated across multiple Availability Zones within an AWS Region.
(True/False)
True
A global secondary index is considered “global” because queries on the index can be made from all around the world.
(True/False)
False
Secondary indexes can include other attributes besides those in the alternate and primary keys, so queries can be satisfied without having to retrieve the full items from the base table.
(True/False)
True
Which of the following statements is true about regular (not global) DynamoDB tables?
- DynamoDB automatically replicates your data across multiple Availability Zones in an AWS Region.
- DynamoDB automatically replicates your data across multiple AWS Region.
- DynamoDB can replicate your data across multiple Availability Zones in an AWS Region, if you configure to do so.
- DynamoDB can replicate your data across multiple AWS Region, if you configure to do so.
- DynamoDB automatically replicates your data across multiple Availability Zones in an AWS Region.
A DynamoDB table can be configured to support either “eventual consistency” or “strong consistency”, but not both, and once one of these options is selected, it cannot be changed.
(True/False)
False
For which of the following situations would an on-demand read/write capacity be a good option?
- You prefer the ease of paying for only what you use.
- You create new tables with unknown workloads.
- You have unpredictable application traffic.
- All of the above
- None of the above
- All of the above
Assume that an application needs to read 30 items from a DynamoDB table every second and that each item is between 21-22 KB in size. Also, assume that the application will only use eventually consistent reads. How many RCU should you provision your table with?
- 21
- 22
- 30
- 75
- 90
- 180
- None of the above
- 90
Assume that an application needs to write 10 items to a DynamoDB table every second and each item is 18 KB in size. How many WCUs should you provision your table with?
- 10
- 18
- 50
- 90
- 180
- None of the above
- 180
DynamoDB streams are organized into records and each record can contain multiple shards, where each shared corresponds to one change to item a table.
(True/False)
False
Global tables provide a fully managed solution for deploying a multi-zone database within a single region, without having to build and maintain your own replication solution.
(True/False)
False
Global tables use DynamoDB Streams to propagate changes between replicas.
(True/False)
True
Like regular DynamoDB tables, global tables support both eventually consistent and globally consistent reads, regardless of where the operation is being performed.
(True/False)
False
An on-demand backup can negatively impact a table’s performance and availability.
(True/False)
False
With a DynamoDB PutItem operation, if an existing item in the specified table has the same primary key as the new item, the new item completely replaces the existing item.
(True/False)
True
With DynamoDB, you can specific conditional expressions for UpdateItem and DeleteItem operations but not for PutItem operations.
(True/False)
False
The Scan operation is similar to a Query operation, but the Scan operation reads all items from the table or index.
(True/False)
True
Cached data is always stored in RAM, regardless of the layer or component of the system.
(True/False)
False
Which of the following two types of application workloads will benefit from caching the most?
- A read-heavy workload
- A write-heavy workload
- A read-heavy workload
Caching can benefit compute-intensive workloads that manipulate datasets.
(True/False)
True
In most cases, caching data rapidly changing data still makes sense as long as the data is structured.
(True/False)
False
When using Lazy Caching, the cached data should always be considered as stale.
(True/False)
True
Which of the following are common features of a CDN? Select all that apply.
- Can accelerate delivery of dynamic content
- Stores copies of commonly requested files close to the requesters.
- Improves the durability of the applications data
- Can improve scalability
- None of the above
- Can accelerate delivery of dynamic content
- Stores copies of commonly requested files close to the requesters.
- Can improve scalability
Amazon CloudFront can allow certain kinds of application code to run at the edges of the cloud, closer to the user.
(True/False)
True
In Amazon CloudFront, an edge location is a WiFi access point.
(True/False)
False
The Points of Presence for Amazon CloudFront include both edge locations and regional edge caches.
(True/False)
True
In Amazon CloudFront, a distribution defines, in part, how content is to be tracked.
(True/False)
True
With CloudFront, the regional edge caches determine what content needs to be cached at each PoP.
(True/False)
False
As long as users keep requesting a given file (like every minute or so), that file will stay in the CloudFront caches indefinitely.
(True/False)
False
S3 Transfer Acceleration with CloudFront supports fast, easy, and secure downloading of objects to clients, but not the uploading of object from clients.
(True/False)
False
ElastiCache runs on the same EC2 instance as the application that is using it.
(True/False)
False
If some requested data is not in its cache, ElastiCache will automatically retrieve it from the source and store it for future requests.
(True/False)
False
Which of the following statements is not true about ElastiCache?
- Every node runs either Memcached or Redis.
- A cluster is a logical grouping of one or more nodes.
- An application must access each node in a cluster separately.
- A node has a fixed amount of cache space.
- None of the above
- An application must access each node in a cluster separately.
For which of the following situations is Memcached not an acceptable choice?
- You need the simplest model possible
- You need to be able to scale out and in easily
- You must run large nodes with multiple cores or threads
- You need publish/subscribe capabilities
- All of the above
- None of the above
- You need publish/subscribe capabilities
Which of the following is a feature that Redis does not offer?
- Pub/sub capability
- Advanced data types
- Sorting/ranking datasets
- Multi-AZ deployment with failover
- Multi-threaded performance
- Simple cache to offload database burden
- Persistence
- Multi-threaded performance
What type of caching strategy does the following pseudo-code illustrate?
get an item from the cache using a key, and store the result in r
if r is null then query the database for the record r using key save an item to the cache using the key and r use the record r
- Lazy Loading
- Write Through
- Lazy Loading
Which of the following are advantages of Lazy Loading? Select all that are advantages.
- Smaller miss penalty than other strategies
- The cache only contains data that has been requested
- The data is never stale
- If a node of the cache fails, it is not too serious
- None of the above
- The cache only contains data that has been requested
- If a node of the cache fails, it is not too serious
Containers can help ensure that applications deploy quickly, reliably, and consistently.
(True/False)
True
Which of the following is not included in a container?
- operating system kernel
- some or all of the application layer of an OS
- system libraries
- system tools
- runtime
- application code
- settings
- None of the above
- operating system kernel