Final Review Flashcards
The general software development lifecycle model talked about in the ACD materials consists of six general phases. Which of the following is not one of these phases?
- Maintain
- Design
- Deploy
- Plan
- Test
- Develop
- None of the above
Test
Which of the following is not generally true for a software development process that is following a strict Waterfall lifecycle model? Select two.
- Each phase has a distinct goal and is completed by performing specific kinds of tasks.
- The output of one phase is the input to the next phase.
- Developers have the flexibility of designing and implementing critical features early in the process.
- The phases are completed in sequential order.
- Customers can and are encourage to provide feedback to the team throughout the development process.
Developers have the flexibility of designing and implementing critical features early in the process.
Customers can and are encourage to provide feedback to the team throughout the development process.
With an Agile process, software is developed in short iterations, each being typically 1-4 weeks.
(True/False)
True
Only Agile processes support continuous integration and deployment activities.
(True/False)
False
When Cloud9 is hosted on an EC2 instance in AWS, is Cloud 9 IaaS, PaaS, or SaaS from the software developers’ perspective? Select the best answer.
IaaS or PaaS or SaaS
Cloud9 doesn’t neatly fall into any of the three categories. It some of the advantages of IaaS, in that starting and stopping of the EC2 is managed, but the developer need to update the OS and runtime. In some cases, the developer have to install of the runtime as well. It also some advantages of SaaS, since AWS installs Cloud9 and configures some features.
Cloud 9 supports a variety of build tools and runtime environments that allow you to work with common languages like C++, Java, PHP, and Python.
(True/False)
True
An ARN uniquely identifies an AWS resource. So when referring to a resource, it is mandatory that all the ARN subfields be specified.
(True/False)
False
An EC2 Service Client, created using an AWS SDK’s, is specific to a region.
(True/False)
True
If an EC2 Service Client throws a 500-series exception, the application should try a different operation – there is no sense in retrying the same operation.
(True/False)
False
Once a request (made through an SDK) makes it to an AWS service endpoint, it will always complete successfully.
(True/False)
False
Which of the following is not a significant benefit of using AWS X-Ray?
- Identify errors and bugs in the integration of the components that form a distributed application
- Build your own analysis and visualization applications
- Write executable unit-test cases for lambda functions
- Identify performance bottlenecks
- None of the above
- Write executable unit-test cases for lambda functions
Which of the following is not a feature of CloudWatch directly (i.e., CloudWatch itself instead of an associated service)?
- Automatically scales the number of EC2 in an Auto-Scaling Group.
- Collects and tracks metrics so that you can visualize and review them.
- Monitors your AWS Cloud resources and your cloud-powered applications.
- Lets you set alarms that will fire when a metric goes beyond a limit that you specified.
- Gives you visibility into resource utilization, application performance, and operational health.
- None of the above
Automatically scales the number of EC2 in an Auto-Scaling Group.
To take advantage of CloudTrail, you have to first enable it for your account.
(True/False)
False
Service clients (created from an AWS SDK) interact with AWS services through a RESTFul API. (True/False)
True
The AWS CLI can be used to perform operations on most kinds of AWS resources as long as the user identified by the credentials in default or specified profile is allowed to perform the operations.
(True/False)
True
Which of the following is not a best practice when developing cloud-based applications?
- Consider designing applications that are loosely coupled
- Log metrics and monitor performance
- Implement a strong DevOps model
- Design for failure
- Implement security in every layer
- None of the above
None of the above
Which of the following statements is most correct and complete?
- Authentication deals with the user account management; while authorization deals with what resources an authenticated user can access and what operations the user can perform.
- Authentication is the process of verifying usernames and passwords; while authorization deals with what resources an authenticated user can access and what operations the user can perform.
- Authentication deals with correctly identifying the user (which can be another software system) that wants to use resources; while authorization deals with the resources a user can access.
- Authentication deals with the user account management; while authorization deals with the resources a user can access.
- Authentication deals with correctly identifying the user (which can be another software system) that wants to use resources; while authorization deals with what resources the user can access and what operations the user can perform.
- Authentication is the process of verifying usernames and passwords; while authorization deals with the resources a user can access.
Authentication deals with correctly identifying the user (which can be another software system) that wants to use resources; while authorization deals with what resources the user can access and what operations the user can perform.
A user on AWS can be assigned to at most one group.
True/False
False
Roles can be used to grant transient (temporary) permissions to users or groups.
(True/False)
True
In AWS, a role can include at most one policy, but that policy can contain many permissions.
(True/False)
False
Which of the following things cannot be specified in a credential profile for programmatic access?
- Session Token
- Region
- Access Key Id
- Username and Password
- Secret Access Key
Username and Password
Which of the following are considered poor practices and are to be avoided? You may select zero or more choices.
- Use credentials files to store your credentials
- Use the root credentials of your AWS account for programmatic access
- Hardcode your credentials inside of your applications
- Once you create a key (like an access key for programmatic access), lock it in safe place and never change it
- Put your credentials file under version control and save in a Git repository
- Use IAM roles with temporary credentials for when you need to delegate temporary access to your AWS resources
- Use the root credentials of your AWS account for programmatic access
- Hardcode your credentials inside of your applications
- Once you create a key (like an access key for programmatic access), lock it in safe place and never change it
- Put your credentials file under version control and save in a Git repository
Identity-based policies are attached to the IAM user, group, or role and indicate what that identity can do.
(True/False)
True
Resource-based policies are attached to a resource and indicate what other resources the principal resource can access.
(True/False)
False