General

Question 1

6 Benefits of the Cloud

Answer 1

1. Trade Capex for variable expense (OPEX)
2. Benefit from massive economies of scale
3. Stop Guessing Capacity
4. Increase Speed and Agility
5. Stop spending money running and maintaining data centers
6. Go Global in minutes

Question 2

A service that checks applications for security vulnerabilities and deviations from best practices

Answer 2

Amazon Inspector

Question 3

A service that provides intelligent threat detection for your AWS infrastructure and resources.

Answer 3

Amazon GuardDuty

Question 4

Which compute option reduces costs when you commit to a consistent amount of compute usage for a 1-year or 3-year term?

Answer 4

Savings Plans. Note Reserved instances do not require a commitment. Key word is consistent amount of compute

Question 5

ElastiCache

Answer 5

Amazon ElastiCache is a service that adds caching layers on top of your databases to help improve the read times of common request

Question 6

EC2 Instance stores

Answer 6

Instance stores are ideal for temporary data that does not need to be kept long term. When an Amazon EC2 instance is stopped or terminated, all the data that has been written to the attached instance store is deleted.

EC2 Instance Store has a better I/O performance, but data is lost if: the EC2 instance is stopped or terminated, or when the underlying disk drive fails.

Question 7

AWS Direct Connect

Answer 7

AWS Direct Connect is a service that enables you to establish a dedicated private connection between your data center and VPC (virtual private cloud).

The private connection that AWS Direct Connect provides helps you to reduce network costs and increase the amount of bandwidth that can travel through your network.

Question 8

Virtual Private Gateway

Answer 8

A virtual private gateway enables you to establish a virtual private network (VPN) connection between your VPC and a private network, such as an on-premises data center or internal corporate network. A virtual private gateway allows traffic into the VPC only if it is coming from an approved network.

Question 9

Amazon SageMaker

Answer 9

Amazon SageMaker is a service that enables you to quickly build, train, and deploy machine learning models

Question 10

DeepRacer

Answer 10

AWS DeepRacer is an autonomous 1/18 scale race car that you can use to test reinforcement learning models.

Question 11

Availability Zone (AZ)

Answer 11

An AZ consists of one or more discrete data centers, each with redundant power, networking, and connectivity housed in separate facilities. Each AZ is isolated but the AZs in a region are connected through low-latency links.

Question 12

AWS Cost Explorer

Answer 12

Easy to use interface that lets you visualize, understand and manage your AWS costs and usage over time

Question 13

5 Characteristics of Cloud Computing

Answer 13

1. On-demand Self Service
2. Broad Network Access
3. Multi-Tenancy and Resource Pooling
4. Rapid elasticity and Scalability
5. Measured Service

Question 14

IAM Roles

Answer 14

Some AWS service will need to perform actions on your behalf. To do so, you assign permissions to AWS services with IAM Roles.

Question 15

Elastic File Share

Answer 15

Amazon EFS is a fully managed service that makes it easy to set up, scale, and cost-optimize file storage in the Amazon Cloud

Question 16

Glue

Answer 16

AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics.

Question 17

Fargate

Answer 17

Fargate allows you to launch Docker containers on AWS, and you don’t need to provision and maintain the infrastructure (=no EC2 instances to manage). It is serverless.

Question 18

AWS CloudFormation

Answer 18

AWS CloudFormation gives developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion.

Question 19

WaveLength

Answer 19

AWS Wavelength is an AWS Infrastructure offering optimized for mobile edge computing applications. Wavelength combines the high bandwidth and ultra-low latency of 5G networks with AWS compute and storage services to enable developers to innovate and build a whole new class of applications.

Question 20

Cloud Development Kit (AWS CDK)

Answer 20

The AWS Cloud Development Kit (AWS CDK) is an open source software development framework to define your cloud application resources using familiar programming languages.

Question 21

CloudFormation

Answer 21

AWS CloudFormation provides a common language for you to model and provision AWS and third party application resources in your cloud environment. It allows you to deploy Infrastructure as a Code.

AWS CloudFormation templates are JSON or YAML-formatted text files. They are declarations of the AWS resources that make up a stack.

Question 22

Elastic Beanstalk

Answer 22

Elastic Beanstalk is a Platform as a Service (PaaS). You only manage data and applications. AWS Elastic Beanstalk makes it even easier for developers to quickly deploy and manage applications in the AWS Cloud

Question 23

CodeArtifact

Answer 23

AWS CodeArtifact is a fully managed artifact repository (also called code dependencies) service that makes it easy for organizations of any size to securely store, publish, and share software packages used in their software development process.

Question 24

CodeCommit

Answer 24

CodeCommit is a secure, highly scalable, managed source control service that makes it easier for teams to collaborate on code. It also provides software version control.

Question 25

CodeBuild

Answer 25

CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy. With CodeBuild, you don’t need to provision, manage, and scale your own build servers, it is serverless.

Question 26

S3 Transfer Acceleration

Answer 26

Amazon S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket. Transfer Acceleration takes advantage of Amazon CloudFront’s globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path.

Question 27

Route53

Answer 27

Route 53 features are (non exhaustive list): Domain Registration, DNS, Health Checks, Routing Policy.

DOES NOT DO DDOS

Question 28

5 pillars of Well Architected Frameworks

Answer 28

1. Operational Excellence
2. Security
3. Reliability
4. Performance Efficiency
5. Cost Optimization

Question 29

Origin

Answer 29

The server from which Amazon CloudFront gets your files

Question 30

CloudTrail

Answer 30

With CloudTrail, you can view a complete history of user activity and API calls for your applications and resources.

Events are typically updated in CloudTrail within 15 minutes after an API call was made. You can filter events by specifying the time and date that an API call occurred, the user who requested the action, the type of resource that was involved in the API call, and more.

Question 31

CloudTrail Insights

Answer 31

AWS CloudTrail Insights helps AWS users identify and respond to unusual activity associated with write API calls by continuously analyzing CloudTrail management events.

Question 32

CloudTrail

Answer 32

CloudTrail can record the history of events/API calls made within you AWS account, which will help determine who or what deleted the resource. You should investigate it first.

Question 33

VPC

Answer 33

virtual private cloud (VPC) is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS Cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC.

Question 34

Directory Services (Microsoft Active Directory)

Answer 34

AWS Directory Service makes it easy for you to setup and run directories in the AWS cloud, or connect your AWS resources with an existing on-premises Microsoft Active Directory.

Question 35

Security Token Services (STS)

Answer 35

AWS Security Token Service (AWS STS) is a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate (federated users).

Question 36

Cognito

Answer 36

Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily

Question 37

SSO (Single Sign on)

Answer 37

One log in to access multiple accounts. Integreted with AWS Organizations

Question 38

Inspector

Answer 38

Automated Security for EC2 instances

Question 39

SCP - Service Control Policies

Answer 39

Service control policies (SCPs) are a type of organization policy that you can use to manage permissions in your organization. An SCP spans all IAM users, groups, and roles, including the AWS account root user.

Question 40

Control Tower

Answer 40

AWS Control Tower offers the easiest way to set up and govern a new, secure, multi-account AWS environment. It establishes a landing zone that is based on best-practices blueprints, and enables governance using guardrails you can choose from a pre-packaged list.

Question 41

Elastic Transcoder

Answer 41

Amazon Elastic Transcoder is media transcoding in the cloud. It is used to convert media files from their source format into versions that will play back on devices like smartphones, tablets, and PCs.

Question 42

AppStream

Answer 42

Amazon AppStream 2.0 is a fully managed non-persistent application and desktop streaming service that provides users instant access to their desktop applications from anywhere.

Question 43

Device Farm

Answer 43

AWS Device Farm is an application testing service that lets you improve the quality of your web and mobile apps by testing them across an extensive range of desktop browsers and real mobile devices; without having to provision and manage any testing infrastructure.

Question 44

Sumerian

Answer 44

Amazon Sumerian is a managed service that lets you create and run 3D, Augmented Reality (AR) and Virtual Reality (VR) applications. You can build immersive and interactive scenes that run on AR and VR, mobile devices, and your web browser.

Question 45

WorkSpaces

Answer 45

Amazon WorkSpaces is a fully managed, secure cloud desktop service. You can use Amazon WorkSpaces to provision either Windows or Linux desktops in just a few minutes and quickly scale to provide thousands of desktops to workers across the globe.

Question 46

CloudEndure

Answer 46

Disaster Recovery to recover your servers into AWS

Continuous block-level replication of your servers