JAN5 QUESTIONS Flashcards

TO PASS AWS SA FIRS TIME UP!

1
Q

AUDITS AWS RESOURCES

A

AWS CONFIG

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

API MONITORING SERVICE

A

AWS CLOUD TRAIL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

EVERY TIME A RESOURCE A CHANGED, WHERE DOES CONFIG RECORD THE CHANGE?

A

S3 BUCKET

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

LOGGING SERVICE THAT RECORDS ALL API CALLS TO ANY AWS SERVICE

A

AWS CLOUDTRAIL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

RECORDS DETAILS OF A CALL, LIKE WHICH USER OR APPLICATION MADE THE CALL, WHEN IT WAS MADE AND WHAT IP ADDRESS IT WAS MADE FROM

A

AWS CLOUD TRAIL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

REPORTS ON WHAT HAS CHANGED

A

CONFIG

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

REPORTS ON WHO MADE THE CHANGE, WHEN AND FROM WHICH LOCATION

A

CLOUDTRAIL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

[TERM LINK] RESOURCE AUDIT

A

CONFIG

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

[TERM LINK] API CALL AUDIT

A

CLOUDWATCH

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

TYPICALLY USED FOR AUDITING AND COMPLIANCE PURPOSES ACROSS ORGANIZATIONS

A

AWS CONFIG

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

WHAT ARE THE TWO DELETEONTERMINATION VALUES?

A

TRUE / FALSE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

IF A DELETEONTERMINATION IS SET TO FALSE, WHAT HAPPENS WHEN AN INSTANCE IS TERMINATED?

A

IT PRESERVES THE ROOT VOLUME AND ENSURES IT REMAINS INTACT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

YOUR DB INSTANCE MUST BE IN THE ______ STATE FOR AUTOMATED BACKUPS TO OCCUR

A

ACTIVE STATE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

YOU CREATE A SNAPSHOT AND THEN YOU HAVE TO

A

COPY IT TO ANOTHER REGION

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

SNS TOPICS ARE USED FOR

A

NOTIFICATION PURPOSES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

UNDERLYING STORAGE FOR A DB INSTANCE, AUTOMATED BACKUPS, READ REPLICAS, AND SNAPSHOTS ARE ALL ….

A

DATA THAT IS ENCRYPTED AT REST

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

_____ CAN BE CONFIGURED TO USE SERVICE AUTO SCALING TO ADJUST ITS DESIRED COUNT UP OR DOWN IN RESPONSE TO CLOUDWATCH ALARMS

A

AMAZON ECS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

_______ FOR LAMBDA FUNCTIONS ENABLE YOU TO DYNAMICALLY PASS SETTINGS TO YOUR FUNCTION CODE AND LIBRARIES, WITHOUT MAKING CHANGES TO YOUR CODE

A

ENVIRONMENT VARIABLES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

YOU CAN USE _____ TO HELP LIBRARIES KNOW WHAT DIRECTORY TO INSTALL FILES IN, WHERE TO STORE OUTPUTS, STORE CONNECTION AND LOGGING SETTINGS, AND MORE

A

ENVIRONMENT VARIABLES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

______POWERED BY AWS PRIVATELINK, AN AWS TECHNOLOGY THAT ENABLES PRIVATE COMMUNICATION BETWEEN AWS SERVICES USING AN ELASTIC NETWORK

A

VPC ENDPOINTS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

WHEN YOU CREATE A TRAIL THAT APPLIES TO ____ _____ CLOUDTRAIL RECORDS EVENTS IN EACH REGIION AND DELIVERS THE CLOUDTRAIL EVENT LOG FILES TO AN S3 BUCKET THAT YOU SPECIFY

A

ALL REGIONS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

IF A REGION IS ADDED AFTER YOU CREATE A TRAIL THAT APPLIES TO ALL REGIONS, THAT NEW REGION IS _____

A

AUTOMATICALLY INCLUDED AND EVENTS IN THAT REGION IS LOGGED

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

YOU CAN CONFIGURE AMAZON REDSHIFT TO AUTOMATICALLY _____

A

COPY SNAPSHOTS TO ANOTHER REGION

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

BASTION HOSTS NEED TO BE IN A _____ SUBNET

A

PUBLIC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

BASTION HOST PURPOSE IS TO

A

PROVIDE ACCESS TO A PRIVATE NETWORK FROM AN EXTERNAL NETWORK

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

VPC ENDPOINT INTERFACES HAVE TO BE

A

IN THE SAME REGION

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

______ IS A CLOUD SERVICE SOLUTION THAT MAKES IT EASY TO ESTABLISH A DEDICATED NETWORK CONNECTION FROM YOUR PREMISES TO AWS

A

AWS DIRECT CONNECT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

____ IS A WEB SERVICE THAT YOU CAN USE TO AUTOMATE THE MOVEMENT AND TRANSFORMATION OF DATA

A

AWS DATA PIPELINE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

COMMONLY USED TO TAKE METADATA AND STORE THE METADATA IN DYNAMODB

A

AWS LAMBDA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

YOU CAN USE _____ TO DELEGATE ACCESS TO USERS, APPLICATIONS, OR SERVICES THAT DON’T NORMALLY HAVE ACCESS TO YOUR AWS RESOURCES

A

IAM ROLES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

DATA IN DYNAMODB IS STORED IN _____ FORMAT

A

JSON

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

WHEN AN EC2-CLASSIC INSTANCE IS STOPPED, AWS ______ ANY ELASTIC IP ADDRESS THATS ASSOCIATED WITH INSTANCE

A

DISASSOCIATES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

WHEN AN EC2-CLASSIC INSTANCE IS STOPPED, AWS RELEASES THE

A

PUBLIC AND PRIVATE IPV4 ADDRESSES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

IF YOU USE PuTTY TO CONNECT TO YOUR INSTANCE VIA SSH YOU NEED TO VERIFY THAT YOUR PRIVATE KEY (.pem) HAS BEEN CORRECTLY CONVERTED TO

A

.ppk (PuTTY FORMAT)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

EC2 BASIC DATA AVAILABLE AFTER

A

5 MINS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

EC2 DETAILED MONITORING DATA AVAILABLE AFTER

A

1 MIN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

_____ LAUNCHES A NUMBER OF EC2 INSTANCES FOR ITS HADOOP DATA PROCESSING ENGINE, IS MANAGED BY THE CUSTOMER AND IS USED TO PROCESS VAST AMOUNTS OF DATA

A

EMR

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

AVAILABLE AMAZON EC2 METRICS

A

CPU UTILIZATION, NETWORK UTILIZATION, DISK PERFORMANCE AND DISK READ/WRITES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

[TERM LINK] OBJECT BASED

A

S3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

S3 FILE SIZE

A

0 BT - 5TB

41
Q

minimal replical lag, usually less than 100 millisecods

A

aws aurora

42
Q

___ ____ component can be used to create web server environments and work environments

A

elastic beanstalk

43
Q

_____ provides scalable file storage

A

EFS

44
Q

[TERM LINK]

EPHEMERAL

A

INSTANCE STORES

45
Q

_______ HELPS TO ENSURE THAT YOUR AUTO SCALING GROUP DOESN’T LAUNCH OR TERMINATE ADDITIONAL INSTANCES BEFORE THE PREVIOUS SCALING ACTIVITY TAKES EFFECT

A

AWS SCALING COOLDOWN PERIOD

46
Q

IAM ROLES IS USED TO DELEGATE ACCESS TO..

A

USERS, APPLICATIONS OR SERVICES

47
Q

USED FOR ISSUING TOKENS WHILE USING THE API GATEWAY FOR TRAFFIC IN TRANSIT

A

API GATEWAY WITH STS

48
Q

REDSHIFT WILL NOT BE ABLE TO ACCESS THE S3 VPC ENDPOINTS WITHOUT

A

ENHANCED VPC ROUTING

49
Q

IF LANGUAGE IS SPECIFIED IN THE QUERY STRING PARAMETERS THEN

A

CLOUDFRONT SHOULD BE CONFIGURED

50
Q

AWS KINESES DATA FIREHOSE CAN CAPTURE, TRANSFORM AND LOAD STREAMING DATA INTO

A
  • AMAZON REDSHIFT (NOT REDSHIFT SPECTRUM)
  • AMAZON ELASTICSEARCH SERVICE
  • SPLUNK
51
Q

AN INSTANCE STORE-BACKED INSTANCE IS EITHER

A

RUNNING OR TERMINATED , CAN NOT BE STOPPED !

52
Q

AWS REDSHIFT USES TWO FORMS OF ENCRYPTION

A

AWS KMS OR AWS HSM

53
Q

ON PREMISE —-> AWS RESOURCES

A

VPN CONNECTION

54
Q

PRIVATE RESOURCES REQUIRED TO ACCESS THE INTERNET?

A

UTILIZE NAT INSTANCE OR NAT GATEWAY

55
Q

BOTTLENECK

A

NAT INSTANCE

56
Q

ONCE YOU CONVERT FROM NAT INSTANCE TO NAT GATEWAY YOUR NEXT STEP IS TO

A

MOVE NAT GATEWAY TO PUBLIC SUBNET

57
Q

SERVICE WHERE YOU ONLY PAY FOR THE TIME THE FUNCTION RUNS AND NOT THE INFRASTRUCTURE, ALSO SAME SERVICE WHEN THE CUSTOMER HAS OWNERSHIP OF THE API

A

AWS LAMBDA

58
Q

MONITOR API ACTIVITY

A

CLOUD TRAIL

59
Q

CLOUD TRAIL MONITORS _____ ACTIVITY

A

API

60
Q

[TERM LINK] API ACTIVITY

A

CLOUD TRAIL

61
Q

[TERM LINK] CLOUD TRAIL

A

MONITOR API ACTIVITYC

62
Q

YOU CAN TURN ON A _____ACROSS ALL REGIONS

A

CLOUD TRAIL

63
Q

CLOUDTRAIL DELIVERS LOG FILES TO

A

S3 BUCKET AND OPTIONAL CLOUDWATCH LOG FILES

64
Q

OFFLOAD DATABASE READS

A

READ REPLICAS

65
Q

READ REPLICAS

A

OFFLOAD DB READS

66
Q

HIGH AVAILABILITY

A

MULTI AZ

67
Q

MULTI AZ MEANS

A

HIGH AVAILABILITY

68
Q

RDS HIGH AVAILABILITY

A

MULTI AZ

69
Q

RDS READ REPLICAS

A

OFFLOAD DB READS

70
Q

BATCH PROCESSING

A

SPOT INSTANCES

71
Q

SPOT INSTANCES

A

BATCH PROCESSING

72
Q

AMIS ARE NOT ______ AT REST

A

ENCRYPTED AT REST

73
Q

ROUTE 53 ROUTES USER TRAFFIC TO RANDOM WEB SERVERS

A

MULTIVALUE ANSWER

74
Q

MULTIVALUE ANSWER

A

ROUTE 53 ROUTES USER TRAFFIC TO RANDOM WEB SERVERS

75
Q

RANDOM WEB SERVERS

A

MULTIVALUE ANSWER

76
Q

INCREASE WRITE PERFORMANCE OF DB HOSTED ON EC2

A

INCREASE EC2 INSTANCE AND OR USE STANDARD RAID CONFIGURATION

77
Q

NO COST FOR TRANSFERRING DATA FROM

A

EC2 INSTANCE TO AN S3 BUCKET

78
Q

____ PROVIDES MULTIPLE WAYS TO USE AMAZON CLOUD DIRECTORY AND MICROSOFT ACTIVE DIRECTORY

A

AWS DIRECTORY SERVICE

79
Q

AWS DIRECTORY SERVICE

A

LINK BETWEEN CLOUD DIRECTORY AND MICROSOFT AD

80
Q

SNS SENDS NOTIFICATIONS OVER

A

HTTP, HTTPS, EMAIL, EMAIL-JSON, SQS AND SMS

81
Q

HTTP, HTTPS, EMAIL, EMAIL-JSON, SQS AND SMS

A

WHAT IS SENT OVER FROM SNS

82
Q

STORE SESSION DATA ON BOTH

A

DYNAMO DB AND ELASTICACHE

83
Q

IF AN INSTANCE IS STOPPED

A

DATA IS DELETED

84
Q

DATA IS DELETED WHEN

A

AN INSTANCE IS STOPPED

85
Q

TO IMPLEMENT STICKY SESSION YOU NEED TWO THINGS

A
  • HTTP/HTTPS LOAD BALANCER

* AT LEAST ONE HEALTHY INSTANCE

86
Q

instance metadata provides

A

instance ID, public keys, public IP address

87
Q

how to you find instance meta data

A

fire a URL command

88
Q

S3 Standard IA storage class is designed for

A

data that is accessed less frequently, but requires rapid access when needed

89
Q

managed cloud service that lets devices (IoT) easily and securely interact with cloud applications and other devices

A

AWS IoT Core

90
Q

perfect forward secrecy is provided to two aws services

A

CLOUDFRONT AND ELB

91
Q

AWS MANAGES SECURITY OF:

A
  • FACILITIES
  • PHYSICAL SECURITY OF HARDWARE
  • NETWORK INFRASTRUCTURE
  • VIRTUALIZATION INFRASTRUCTURE
92
Q

THE DATA IN_____ IS STORED IN JSON FORMAT FOR THE 100TH FUCKING TIME

A

DYNAMODB

93
Q

DYNAMODB FUCKING STORES DATA IN _____ FORMAT

A

FUCKING JSON

94
Q

SINCE DYNAMODB WORKS WITH IoTs, gaming, ad tech and mobile applications IT IS USED TO STORE

A

SESSION DATA

95
Q

THIS AWS FEATURE IS REALLY FUCKING GOOD BECAUSE IT IS DURABLE, ACID COMPLIANT AND ALLOWS SCHEMA FUCKING CHANGES

A

AURORA

96
Q

REDSHIFT CLUSTER DISASTER RECOVERY ???

A

CROSS-REGION SNAPSHOT

97
Q

FUCKING REDSHIFT HAS TWO FUCKING FORMS OF ENCRYPTION

A

AWS KMS AND HSM . HOLY FUCK ITS NOT THAT HARD

98
Q

IN ORDER TO HOST A STATIC WEBSITE IN S3 YOU NEED TO NEED TO ____________ IN THE DOMAIN REGRISTAR

A

ENTER THE FUCKING NS RECORDS

99
Q

HOLY FUCK MAN, CLOUD TRAIL MONITORS

A

API FUCKING ACTIVITY