Introduction to Cloud Computing and AWS Flashcards
Your developers want to run fully provisioned EC2 instances to support their application code deployments but prefer not to have to worry about manually configuring and launching the necessary infrastructure. Which of the following should they use?
AWS Lambda
AWS Elastic Beanstalk
Amazon EC2 Auto Scaling
Amazon Route 53
B. Elastic Beanstalk takes care of the ongoing underlying deployment details for you, allowing you to focus exclusively on your code. Lambda will respond to trigger events by running code a single time, Auto Scaling will ramp up existing infrastructure in response to demand, and Route 53 manages DNS and network routing.
Some of your application’s end users are complaining of delays when accessing your resources from remote geographic locations. Which of these services would be the most likely to help reduce the delays?
Amazon CloudFront
Amazon Route 53
Elastic Load Balancing
Amazon Glacier
A. CloudFront maintains a network of endpoints where cached versions of your application data are stored to provide quicker responses to user requests. Route 53 manages DNS and network routing, Elastic Load Balancing routes incoming user requests among a cluster of available servers, and Glacier provides high‐latency, low‐cost file storage.
Which of the following is the best use‐case scenario for Elastic Block Store?
You need a cheap and reliable place to store files your application can access.
You need a safe place to store backup archives from your local servers.
You need a source for on‐demand compute cycles to meet fluctuating demand for your application.
You need persistent storage for the filesystem run by your EC2 instance.
D. Elastic Block Store provides virtual block devices (think: storage drives) on which you can install and run filesystems and data operations. It is not normally a cost‐effective option for long‐term data storage.
You need to integrate your company’s local user access controls with some of your AWS resources. Which of the following can help you control the way your local users access your AWS services and administration console? (Choose two.)
AWS Identity and Access Management (IAM)
Key Management Service (KMS)
AWS Directory Service
Simple WorkFlow (SWF)
Amazon Cognito
A, C. AWS IAM lets you create user accounts, groups, and roles and assign them rights and permissions over specific services and resources within your AWS account. Directory Service allows you to integrate your resources with external users and resources through third‐party authentication services. KMS is a tool for generating and managing encryption keys, and SWF is a tool for coordinating application tasks. Amazon Cognito can be used to manage authentication for your application users, but not your internal admin teams.
The data consumed by the application you’re planning will require more speed and flexibility than you can get from a closely defined relational database structure. Which AWS database service should you choose?
Relational Database Service (RDS)
Amazon Aurora
Amazon DynamoDB
Key Management Service (KMS)
C. DynamoDB provides a NoSQL (nonrelational) database service. Both are good for workloads that can be more efficiently run without the relational schema of SQL database engines (like those, including Aurora, that are offered by RDS). KMS is a tool for generating and managing encryption keys.
You’ve launched an EC2 application server instance in the AWS Ireland region and you need to access it from the web. Which of the following is the correct endpoint address that you should use?
compute.eu-central-1.amazonaws.com
ec2.eu-central-1.amazonaws.com
elasticcomputecloud.eu-west-2.amazonaws.com
ec2.eu-west-1.amazonaws.com
D. EC2 endpoints will always start with an ec2 prefix followed by the region designation (eu‐west‐1 in the case of Ireland).
When working to set up your first AWS deployment, you keep coming across the term availability zone. What exactly is an availability zone?
An isolated physical data center within an AWS region
A region containing multiple data centers
A single network subnet used by resources within a single region
A single isolated server room within a data center
A. An availability zone is an isolated physical data center within an AWS region. Regions are geographic areas that contain multiple availability zones, subnets are IP address blocks that can be used within a zone to organize your networked resources, and there can be multiple data centers within an availability zone.
As you plan your multi‐tiered, multi‐instance AWS application, you need a way to effectively organize your instances and configure their network connectivity and access control. Which tool will let you do that?
Load Balancing
Amazon Virtual Private Cloud (VPC)
Amazon CloudFront
AWS endpoints
B. VPCs are virtualized network environments where you can control the connectivity of your EC2 (and RDS, etc.) infrastructure. Load Balancing routes incoming user requests among a cluster of available servers, CloudFront maintains a network of endpoints where cached versions of your application data are stored to provide quicker responses to user requests, and AWS endpoints are URIs that point to AWS resources within your account.
You want to be sure that the application you’re building using EC2 and S3 resources will be reliable enough to meet the regulatory standards required within your industry. What should you check?
Historical uptime log records
The AWS Program Compliance Tool
The AWS service level agreement (SLA)
The AWS Compliance Programs documentation page
The AWS Shared Responsibility Model
C. The AWS service level agreement tells you the level of service availability you can realistically expect from a particular AWS service. You can use this information when assessing your compliance with external standards. Log records, though they can offer important historical performance metrics, probably won’t be enough to prove compliance. The AWS Compliance Programs page will show you only which regulatory programs can be satisfied with AWS resources, not whether a particular configuration will meet their demands. The AWS Shared Responsibility Model outlines who is responsible for various elements of your AWS infrastructure. There is no AWS Program Compliance tool.
Your organization’s operations team members need a way to access and administer your AWS infrastructure via your local command line or shell scripts. Which of the following tools will let them do that?
AWS Config
AWS CLI
AWS SDK
The AWS Console
B. The AWS Command Line Interface (CLI) is a tool for accessing AWS APIs from the command‐line shell of your local computer. The AWS SDK is for accessing resources programmatically, the AWS Console works graphically through your browser, and AWS Config is a service for editing and auditing your AWS account resources.
While building a large AWS‐based application, your company has been facing configuration problems they can’t solve on their own. As a result, they need direct access to AWS support for both development and IT team leaders. Which support plan should you purchase?
Business
Developer
Basic
Enterprise