Management and Governance Flashcards

1
Q

AWS Organizations

A

AWS Organizations

Organizes several different accounts

  • Starts w/ a Management Account
  • Can also create Management Accounts programmatically using Organizations API
  • Can also 'invite' existing accounts in

Allows you to consolidate multiple AWS accounts into an organization that you create and centrally manage

Includes Root Accounts and Organizational Units (OU)

Service Control Policies (SCPs) are applied to root accounts
->Dictate permissions allowed w/in the organizational unit

Available in two feature sets:

  1. Consolidated Billing Feature
    - Only provides the consolidated billing feature in the Management Account
  2. All features
    - Includes Service Control Policies as add'l feature
    - Includes Tag Policies as add'l feature

Consolidated billing includes:

  • Paying account - Independent and cannot access resources of other accounts (isolated)
  • Linked accounts - All linked accounts are independent accounts that get linked to the Paying account
2
Q

Simplifies process of creating multi-account environments and is a layer on top of AWS Organizations:

AWS Trusted Advisor
AWS Systems Manager
AWS Organizations
AWS Control Tower

A

AWS Control Tower

Simplifies process of creating multi-account environments

Layer on top of AWS Organizations
->Will automate Organizations, SCP, etc.

Sets up governance, compliance, and security guardrails

  • Disallowing public write access to Amazon Simple Storage Service (S3) buckets
  • Disallowing access as a root user without multi-factor authentication
  • Enabling encryption for Amazon EBS volumes attached to EC2 instances

Integrates with other services and features to set up the environment for you in an automated way, including:

  • AWS Organizations
  • AWS CloudTrail
  • Amazon S3
  • AWS CloudFormation
3
Q

AWS Systems Manager

A

AWS Systems Manager

Manages many AWS resources including Amazon EC2, Amazon S3, Amazon RDS
->Gives you visibility and control of your infrastructure on AWS

Systems Manager components:

Automation - Uses documents to run automations

Run Command - Run commands on EC2 instances

Inventory - Gather inventory information

Patch Manager

  • Manage patching schedules and installation
  • Deploy OS and software patches automatically across large groups of Amazon EC2 or on-premises instances

Compliance - Scan managed instances for patch compliance and configuration inconsistencies

Session Manager

  • Connect securely to instances without SSH or RDP
  • Replaces need for bastion hosts, SSH, or remote PowerShell

Parameter store - Store secrets and configuration data securely

4
Q

AWS Service Catalog

A

Allows organizations to create and manage catalogs of IT services that are approved for use on AWS
->Rely on CloudFormation templates

Can centrally manage commonly deployed IT services

Can include:

  • Virtual machine images
  • Servers
  • Software
  • Databases
  • Multi-tier application architecture

Enables users to quickly deploy the approved IT services they need

5
Q

A fully managed service that enables you to assess, audit, and evaluate the configuration of your AWS resources:

AWS Trusted Advisor
AWS Systems Manager
AWS Organizations
AWS Config

A

AWS Config

A fully managed service that enables you to assess, audit, and evaluate the configuration of your AWS resources

Works with CloudTrail (history of who did what)
->Config is more about your resources being configured as expected

An organization can use Config with the resource types to track resource inventory and configuration history for security and compliance reasons

6
Q

Online tool that provides you real-time guidance to help you provision your resources following AWS best practices:

AWS Trusted Advisor
AWS Systems Manager
AWS Organizations
AWS Config

A

AWS Trusted Advisor

Online tool that provides you real-time guidance to help you provision your resources following AWS best practices

Trusted Advisor will advise on:

  • Cost optimization
  • Performance
  • Security
  • Fault Tolerance

Sample Question: Which AWS Cloud service provides recommendations on how to optimize performance for AWS services?

7
Q

Provides alerts and remediation guidance when AWS is experiencing events that may impact you or proactive notifications for scheduled activities. Can be personalized to you.

AWS Personal Health Dashboard
Service Health Dashboard
Trusted Advisor
Amazon CloudWatch

A

AWS Personal Health Dashboard

Provides alerts and remediation guidance when AWS is experiencing events that may impact you

For example: You are using your VPC and it shows your usage/outages

Gives a personalized view into the performance and availability of the AWS services underlying your AWS resources

Displays relevant and timely information to help users manage events in progress and provides proactive notification to help you plan for scheduled activities

Personalized to you

8
Q

Shows the current status of AWS Services but may not be relevant to you specifically:

	○ No proactive notification of scheduled activities
A