Learning Deck Cheat Sheet

Question 1

Amazon Elastic Compute Cloud (Amazon EC2) …

Answer 1

… provides secure, resizable compute capacity in the cloud as Amazon EC2 instances.

Question 2

Amazon EC2 Savings Plans 

Answer 2

… enable you to reduce your compute costs by committing to a consistent amount of compute usage for a 1-year or 3-year term.

Question 3

Reserved Instances 

Answer 3

… are a billing discount applied to the use of On-Demand Instances in your account. You can purchase Standard Reserved and Convertible Reserved Instances for a 1-year or 3-year term, and Scheduled Reserved Instances for a 1-year term.

Question 4

Spot Instances

Answer 4

…  are ideal for workloads with flexible start and end times, or that can withstand interruptions. Spot Instances use unused Amazon EC2 computing capacity and offer you cost savings at up to 90% off of On-Demand prices.

Question 5

Amazon EC2 Auto Scaling

Answer 5

… enables you to automatically add or remove Amazon EC2 instances in response to changing application demand.

Question 6

Elastic Load Balancin

Answer 6

… is the AWS service that automatically distributes incoming application traffic across multiple resources, such as Amazon EC2 instances. 

Question 7

Amazon Simple Notification Service (Amazon SNS)

Answer 7

… is a publish/subscribe service. Using Amazon SNS topics, a publisher publishes messages to subscribers. 

Question 8

Amazon SQS

Answer 8

Using …, you can send, store, and receive messages between software components, without losing messages or requiring other services to be available. In Amazon SQS, an application sends messages into a queue.

Question 9

AWS Lambda

Answer 9

…  is a service that lets you run code without needing to provision or manage servers. 

Question 10

Amazon Elastic Container Service (Amazon ECS)

Answer 10

… is a highly scalable, high-performance container management system that enables you to run and scale containerized applications on AWS. 

Question 11

Amazon Elastic Kubernetes Service (Amazon EKS) 

Answer 11

… is a fully managed service that you can use to run Kubernetes on AWS. 

Question 12

AWS Fargate

Answer 12

… is a serverless compute engine for containers. It works with both Amazon ECS and Amazon EKS.

Question 13

Availability Zone

Answer 13

An …  is a single data center or a group of data centers within a Region. Availability Zones are located tens of miles apart from each other.

Question 14

edge location

Answer 14

An … is a site that Amazon CloudFront uses to store cached copies of your content closer to your customers for faster delivery.

Question 15

AWS Management Console

Answer 15

The … is a web-based interface for accessing and managing AWS services. 

Question 16

AWS Elastic Beanstalk

Answer 16

With …, you provide code and configuration settings, and Elastic Beanstalk deploys the resources necessary to perform the following tasks: Adjust capacity, Load balancing, Automatic scaling, Application health monitoring

Question 17

AWS CloudFormation

Answer 17

With …, you can treat your infrastructure as code. This means that you can build an environment by writing lines of code instead of using the AWS Management Console

Question 18

Amazon Virtual Private Cloud (Amazon VPC)

Answer 18

A networking service that you can use to establish boundaries around your AWS resources is …. Amazon VPC enables you to provision an isolated section of the AWS Cloud.

Question 19

AWS Direct Connect

Answer 19

… is a service that enables you to establish a dedicated private connection between your data center and a VPC.  

Question 20

subnet

Answer 20

A … is a section of a VPC in which you can group resources based on security or operational needs. Subnets can be public or private. 

Question 21

A network access control list

Answer 21

The VPC component that checks packet permissions for subnets is a network access control list (ACL). … is a virtual firewall that controls inbound and outbound traffic at the subnet level. Network ACLs perform stateless packet filtering. They remember nothing and check packets that cross the subnet border each way: inbound and outbound. 

Question 22

security group

Answer 22

A … is a virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance. Security groups perform stateful packet filtering. They remember previous decisions made for incoming packets.

Question 23

Amazon Route 53

Answer 23

…  is a DNS web service. It gives developers and businesses a reliable way to route end users to internet applications hosted in AWS. 

Question 24

 instance store 

Answer 24

An … provides temporary block-level storage for an Amazon EC2 instance. An instance store is disk storage that is physically attached to the host computer for an EC2 instance

Question 25

Amazon Elastic Block Store

Answer 25

Amazon Elastic Block Store (Amazon EBS) is a service that provides block-level storage volumes that you can use with Amazon EC2 instances. If you stop or terminate an Amazon EC2 instance, all the data on the attached EBS volume remains available.

Question 26

EBS snapshot

Answer 26

An EBS snapshot is an incremental backup. 

Question 27

Amazon S3)

Answer 27

Amazon Simple Storage Service (Amazon S3) is a service that provides object-level storage. Amazon S3 stores data as objects in buckets.

Question 28

S3 Standard

Answer 28

S3 Standard provides high availability for objects.

Question 29

S3 Standard-IA

Answer 29

S3 Standard-IA is ideal for data infrequently accessed but requires high availability when needed. 

Question 30

S3 Intelligent-Tiering storage class

Answer 30

In the S3 Intelligent-Tiering storage class, Amazon S3 monitors objects’ access patterns.

Question 31

S3 Glacier

Answer 31

S3 Glacier is a low-cost storage class that is ideal for data archiving.

Question 32

Amazon EFS

Answer 32

Amazon Elastic File System (Amazon EFS) is a scalable file system used with AWS Cloud services and on-premises resources. As you add and remove files, Amazon EFS grows and shrinks automatically.

Question 33

Amazon RDS

Answer 33

Amazon Relational Database Service (Amazon RDS) is a service that enables you to run relational databases in the AWS Cloud.

Question 34

Amazon Aurora 

Answer 34

Amazon Aurora is an enterprise-class relational database. It is compatible with MySQL and PostgreSQL relational databases. 

Question 35

Amazon DynamoDB

Answer 35

Amazon DynamoDB is a key-value database service. It delivers single-digit millisecond performance at any scale.

Question 36

Amazon Redshift

Answer 36

Amazon Redshift is a data warehousing service that you can use for big data analytics. It offers the ability to collect data from many sources and helps you to understand relationships and trends across your data.

Question 37

AWS Database Migration Service

Answer 37

AWS Database Migration Service (AWS DMS) enables you to migrate relational databases, nonrelational databases, and other types of data stores.

Question 38

Amazon DocumentDB

Answer 38

Amazon DocumentDB is a document database service that supports MongoDB workloads. (MongoDB is a document database program.)

Question 39

Amazon Neptune

Answer 39

Amazon Neptune is a graph database service. You can use Amazon Neptune to build and run applications that work with highly connected datasets, such as recommendation engines, fraud detection, and knowledge graphs.

Question 40

Quantum Ledger Database

Answer 40

Amazon Quantum Ledger Database (Amazon QLDB) is a ledger database service. 

Question 41

ElastiCache

Answer 41

Amazon ElastiCache is a service that adds caching layers on top of your databases to help improve the read times of common requests. 

Question 42

DynamoDB Accelerator

Answer 42

Amazon DynamoDB Accelerator (DAX) is an in-memory cache for DynamoDB. 

Question 43

shared responsibility model

Answer 43

The shared responsibility model divides into customer responsibilities (commonly referred to as “security in the cloud”) and AWS responsibilities (commonly referred to as “security of the cloud”).

Question 44

AWS Identity and Access Management (IAM) enables

Answer 44

AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely.  

Question 45

IAM user

Answer 45

An IAM user is an identity that you create in AWS. It represents the person or application that interacts with AWS services and resources. It consists of a name and credentials.

Question 46

AWS Organizations

Answer 46

Suppose that your company has multiple AWS accounts. You can use AWS Organizations to consolidate and manage multiple AWS accounts within a central location.

Question 47

AWS Artifact Agreements

Answer 47

Suppose that your company needs to sign an agreement with AWS regarding your use of certain types of information throughout AWS services. You can do this through AWS Artifact Agreements. 

Question 48

AWS Artifact Reports.

Answer 48

Suppose that a member of your company’s development team is building an application and needs more information about their responsibility for complying with certain regulatory standards. You can advise them to access this information in AWS Artifact Reports.

Question 49

Customer Compliance Center

Answer 49

The Customer Compliance Center contains resources to help you learn more about AWS compliance. 

Question 50

AWS Shield

Answer 50

AWS Shield is a service that protects applications against DDoS attacks. AWS Shield provides two levels of protection: Standard and Advanced.

Question 51

AWS Key Management Service (AWS KMS) 

Answer 51

AWS Key Management Service (AWS KMS) enables you to perform encryption operations through the use of cryptographic keys.

Question 52

AWS WAF (Web application Firewall)

Answer 52

AWS WAF is a web application firewall that lets you monitor network requests that come into your web applications. AWS WAF works together with Amazon CloudFront and an Application Load Balancer.

Question 53

Amazon Inspector

Answer 53

Amazon Inspector helps to improve the security and compliance of applications by running automated security assessments. 

Question 54

GuardDuty

Answer 54

Amazon GuardDuty is a service that provides intelligent threat detection for your AWS infrastructure and resources. It identifies threats by continuously monitoring the network activity and account behavior within your AWS environment.

Question 55

CloudWatch 

Answer 55

Amazon CloudWatch is a web service that enables you to monitor and manage various metrics and configure alarm actions based on data from those metrics. With CloudWatch, you can create alarms that automatically perform actions if the value of your metric has gone above or below a predefined threshold. 

Question 56

Cloud Watch Dashboard

Answer 56

The CloudWatch dashboard feature enables you to access all the metrics for your resources from a single location. 

Question 57

CloudTrail records

Answer 57

AWS CloudTrail records API calls for your account. The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, and more. 

Question 58

CloudTrail Insights

Answer 58

Within CloudTrail, you can also enable CloudTrail Insights. This optional feature allows CloudTrail to automatically detect unusual API activities in your AWS account. 

Question 59

AWS Trusted Advisor

Answer 59

AWS Trusted Advisor is a web service that inspects your AWS environment and provides real-time recommendations in accordance with AWS best practices. Trusted Advisor compares its findings to AWS best practices in five categories: cost optimization, performance, security, fault tolerance, and service limits.

Question 60

 AWS Free Tier

Answer 60

The AWS Free Tier enables you to begin using certain services without having to worry about incurring costs for the specified period. 

Question 61

AWS Pricing Calculator

Answer 61

The AWS Pricing Calculator lets you explore AWS services and create an estimate for the cost of your use cases on AWS. You can organize your AWS estimates by groups that you define. A group can reflect how your company is organized, such as providing estimates by cost center.

Question 62

AWS Billing & Cost Management

Answer 62

Use the AWS Billing & Cost Management dashboard to pay your AWS bill, monitor your usage, and analyze and control your costs.

Question 63

AWS Budgets

Answer 63

In AWS Budgets, you can create budgets to plan your service usage, service costs, and instance reservations. The information in AWS Budgets updates three times a day.

Question 64

AWS Cost Explorer

Answer 64

AWS Cost Explorer is a tool that enables you to visualize, understand, and manage your AWS costs and usage over time.

Question 65

AWS offers four different Support plans …

Answer 65

AWS offers four different Support plans to help you troubleshoot issues, lower costs, and efficiently use AWS services.  Basic, Developer, Business, Enterprise

Question 66

AWS Marketplace 

Answer 66

AWS Marketplace is a digital catalog that includes thousands of software listings from independent software vendors. You can use AWS Marketplace to find, test, and buy software that runs on AWS. 

Question 67

 AWS Cloud Adoption Framework (AWS CAF)

Answer 67

At the highest level, the AWS Cloud Adoption Framework (AWS CAF) organizes guidance into six areas of focus, called Perspectives. Each Perspective addresses distinct responsibilities. In general, the Business, People, and Governance Perspectives focus on business capabilities, whereas the Platform, Security, and Operations Perspectives focus on technical capabilities.

Question 68

six of the most common migration strategies 

Answer 68

When migrating applications to the cloud, six of the most common migration strategies that you can implement are: Rehosting, Replatforming, Refactoring/re-architecting, Repurchasing, Retaining, Retiring

Question 69

AWS Snow Family

Answer 69

The … is a collection of physical devices that help to physically transport up to exabytes of data into and out of AWS. 

Question 70

AWS Snowcone

Answer 70

… is a small, rugged, and secure edge computing and data transfer device. It features 2 CPUs, 4 GB of memory, and 8 TB of usable storage.

Question 71

AWS Snowball 

Answer 71

… offers two types of devices: Snowball Edge Storage Optimized devices and Snowball Edge Compute Optimized devices.

Question 72

AWS Snowmobile 

Answer 72

… is an exabyte-scale data transfer service used to move large amounts of data to AWS. You can transfer up to 100 petabytes of data per Snowmobile, a 45-foot long ruggedized shipping container, pulled by a semi trailer truck.

Question 73

AWS Well-Architected Framework

Answer 73

The  … helps you understand how to design and operate reliable, secure, efficient, and cost-effective systems in the AWS Cloud. It provides a way for you to consistently measure your architecture against best practices and design principles and identify areas for improvement.

Question 74

Operational excellence

Answer 74

 … is the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures.  Performance efficiency is the ability to use computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve. 

Question 75

What are the differences between
network access control lists and
security groups?

Answer 75

• Network access control lists are
virtual firewalls for subnets. They
perform stateless packet filtering.
• Security groups are virtual
firewalls for Amazon EC2
instances. They perform stateful
packet filtering

Question 76

Which statement describes security

groups?

Answer 76

They are stateful and deny all

inbound traffic by default

Question 77

What are the three storage types

Answer 77

Block storage
Object Storage
File Storage

Question 78

What three parts belong to an object

Answer 78

In object storage, each object consists

of data, metadata, and a key.

Question 79

Which option is TRUE about Amazon
EBS volumes and Amazon EFS file
systems?

Answer 79

EBS volumes store data in a single Availability
Zone. Amazon EFS file systems store data
across multiple Availability Zones. (correct)

Question 80

Five examples for customer responsibilities

Answer 80

Instance Operating System
Applications
Security Groups
Host-Based Firewalls
Account Management

Question 81

A customer is configuring service
control policies (SCPs) in AWS
Organizations. Which identities and
resources can SCPs be applied to?
(Select TWO.)

Answer 81

A. IAM users
B. IAM groups
C. An individual member account
(correct)
D. IAM roles
E. An organizational unit (OU) (correct)

Question 82

Which categories are included in
the AWS Trusted Advisor
dashboard? (Select TWO.)

Answer 82

A. Reliability
B. Performance (correct)
C. Scalability
D. Elasticity
E. Fault tolerance (correct)

Question 83

Which pricing tool is used to
visualize, understand, and manage
your AWS costs and usage over
time?

Answer 83

A. AWS Pricing Calculator
B. AWS Budgets
C. AWS Cost Explorer (correct)
D. AWS Free Tier

Question 84

Which pricing tool can a customer
use to receive alerts when their
service usage exceeds a customerdefined threshold?

Answer 84

A. Billing dashboard in the AWS
Management Console
B. AWS Budgets (correct)
C. AWS Free Tier
D. AWS Cost Explorer

Question 85

What are the five pillars for Well-architected framework?

Answer 85

• Operational excellence
• Security
• Reliability
• Performance efficiency
• Cost optimization

Question 86

What is the storage capacity of

AWS Snowmobile?

Answer 86

A. 40 PB
B. 60 PB
C. 80 PB
D. 100 PB (correct)

Question 87

What is the storage capacity of

Snowball Edge Storage Optimized?

Answer 87

A. 40 TB
B. 60 TB
C. 80 TB (correct)
D. 100 TB

Question 88

Which AWS Well-Architected
Framework pillar includes the
ability to recover from
infrastructure or service
disruptions?

Answer 88

A. Cost optimization
B. Operational excellence (correct)
C. Performance efficiency
D. Reliability