General Concepts

Question 1

S3 Transfer Acceleration

Answer 1

Facilitates quicker uploads by using edge locations to copy data into Amazon S3.

Question 2

Pilot Light Disaster Recovery

Answer 2

Recreates an existing application hosting environment in an AWS Region. This solution turns off most (or all) resources and uses the resources only during tests or when DR failover is necessary. RPO and RTO are usually 10s of minutes.

Question 3

Backup and Restore Disaster Recovery

Answer 3

Backup Configuration and App to an S3 and build during a failure. Backup and restore DR strategies typically have the lowest cost but highest recovery time. A solution that manually rebuilds the hosting infrastructure on AWS could take hours.

Question 4

Warm Standby Disaster Recovery

Answer 4

Recreates an existing application hosting environment in an AWS Region. This solution serves a portion of live traffic. With this DR strategy, RPO and RTO are usually a few minutes. However, costs are higher because this solutions runs resources continuously.

Question 5

Deregistration delay

Answer 5

A window of time that an ELB will wait before deregistering an instance, but not send any new traffic to the instance. Used to prevent in-flight requests from being disconnected. (Default is 300s)

Question 6

When to Use Cloudfront Signed URLs vs. Signed Cookies

Answer 6

Use Signed URLs to access individual files, use Signed cookies when you need to give access to multiple files

Question 7

When to use FSX for Lustre

Answer 7

Use it for high throughput storage of lots of data (e.g. when training machine learning models)

Question 8

VPN CloudHub

Answer 8

A way to build a Hub-and-spoke connection between multiple on-premise data centers and your VPC

Question 9

Kinesis Enhanced Fanout

Answer 9

Allows developers to scale up the number of stream consumers (applications reading data from a stream in real-time) by offering each stream consumer its own read throughput.

Question 10

Redis Auth

Answer 10

A redis command available in elasticache that enables Redis to require a password before allowing clients to run commands, thereby improving data security.

Question 11

RDS Custom

Answer 11

Managed database services for applications that require operating system and database customization.

Question 12

Cognito User pools vs. Identity Pools

Answer 12

User Pools - Sources for Authentication (custom, facebook, google etc.)
Identity Pools - Generate AWS Credentials for an authenticated user

Question 13

Which Services can a Gateway endpoint connect to?

Answer 13

S3 and DynamoDB

Question 14

Can Snowball deploy directly into S3 Glacier

Answer 14

No - you need to put it into S3 and then set a lifecycle policy

Question 15

VPC Sharing

Answer 15

Allows multiple AWS accounts to create their application resources, such as Amazon EC2 instances, Amazon Relational Database Service (RDS) databases, Amazon Redshift clusters, and AWS Lambda functions, into shared, centrally-managed virtual private clouds (VPCs).

Sharing is done via subnets! not VPCs

Question 16

VPC Peering

Answer 16

A networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses.

Question 17

NAT Instance vs. NAT Gateway

Answer 17

A NAT Instance is pretty much a more customizable version of a NAT Gateway,

Gateways provide better availability and bandwidth and require less effort on your part to administer.