Old Cards Flashcards
How many copies of Aurora for High Availability
2 per AZ, 3 AZ minimum
How many copies of Aurora’s databases can be lost before affecting: a) Write b) Read
a) 2
b) 3
How does Aurora know there’s a failure
Continuous scans for data block errors
In Route53, what happens to a node with a failed health check
The node is removed until it becomes healthy
What is the retention window for Kinesis Streams
1 - 7 days; the default is 1
Which can run in multi-AZ: Memcached or Redis
Redis
In Cognito, what are Identity Pools
A store of Identity data, providing temporary AWS credentials
Describe the Backup and Restore strategy of RDS
Full backup, with Transaction logs during the day, stored in S3
Restore specified day, along with Transaction logs
What happens to RDS during backups
I/O may be suspended or there may be latency
In DNS, what is a PTR record
It is a reverse A record (ie: an IP address to a domain)
What are 3 levels of Flow Logs
VPC
Subnet
Network Interface
What are 4 types of S3 Encryption
SSE-S3
SSE-KMS
SSE-C
Client Library
What are 3 ways to add scale to a MySQL RDS instance
Add Read Replicas
Provision a larger EC2 instance
Use ElastiCache for frequently read, static data
What are 2 types of CloudWatch Dashboards
Global
Regional
What are 3 types of Placement Groups
Clustered: Instances in a single AZ
Spread: Instances in multiple AZs
Partitioned: Instances spread across multiple partitions in each AZ
Which scales Horizontally: Memcached or Redis
Memcached
In Cognito, what are User Portals
User Directories, allowing users to Sign Up and Log into apps using a JSON Web Token (JWT)
Do Elastic Load Balancers have an IP Address
No, they have a DNS Name
What Statuses do Instances have in an Elastic Load Balancer
In Service
Out of Service
What are the Task/Message differences in SWF and SQS
SWF is Task-based
SQS is Message-based
What are the Assigned/Process differences in SWF and SQS
SWF Tasks are assigned only once and never duplicated
SQS Messages may be processed multiple times
What are the Tracking differences in SWF and SQS
SWF tracks Tasks and Events
SQS doesn’t track anything
Given the choice, should I use a CNAME or an Alias record
Always use an Alias; they are cheaper and can be used on an Elastic Load Balancer
In SQS, what does the attribute DelaySeconds do
SQS will hide a new message for the specified time
In SWF, what is the maximum time a Task can remain in a workflow
One year
In Route53, what is MultiValue routing
Send traffic from a random set of healthy nodes to a single resource
What three ways can you allow communication between a VPC and On-Premises
1) Configure a VPC subnet that doesn’t conflict with subnets on the On-Premises network
2) Add an Internet Gateway to the VPC for VPN connectivity
3) Configure Direct Connect
What are the rules for AMI publication
1) Disable Services and Protocols that authenticate in cleartext (ie: FTP)
2) Don’t start unnecessary services (ie: only SSH and RDP)
3) Securely delete:
- AWS credentials
- Third party credentials
- Any certificates and keys
4) Ensure installed software doesn’t use default credentials
What parts of the AWS Infrastructure does AWS secure
Data Centers
Hardware
MFA Appliances
24x7 Site Security
Least Access
What are your responsibilities for securing AWS resources
Anything you put on or connect to the cloud
What are 2 ways you can revert from Dedicated to Default hosting
Use the AWS CLI to change the VPC’s Tenancy
Use the AWS CLI to change the Instance Placement attribute
What happens when a Spot instance’s Bid Price is exceeded
The Instance-Action variable is created
The Action variable is set to Terminate
The time value is set to 2 minutes in the future
In SQS, what is the maximum Visibility Timeout
14 days
In SQS, what does WaitTimeSeconds do
The amount of time to wait for messages
Do you create Roles for Users, Groups or Services
Services
Describe Disk and Memory security for instances
No access to raw disk
Virtual drives are auto-reset for all blocks
Memory is zero set before release
What are the 3 Actors for SWF
Workflow Starter: app that initiates the workflow
Activity Workers: Carry out tasks (can be a human)
Decider: Controls the flow of Activity Workers
What are the 5 areas checked by Trusted Advisor
Cost Optimization
Performance
Security
Fault Tolerance
Service Limits
How long can an SQS message remain in the queue
1 - 14 days; default is 4 days
What type of storage is used in Redshift
Columnar storage
What type of compression is used in Redshift
Advanced Compression based upon data
How does Redshift distribute processing
Massively Parallel Processing
What are the 4 support options
Basic
Developer
Business
Enterprise
What are the 4 parts of CloudWatch
1) Alarms: Notification when threshold is reached
2) Events: Respond to state changes (ie: EC2 start up)
3) Logs: Aggregate, Monitor and Store logs (requires EC2 Agent)
4) Dashboards: Customized display
How do you make an EC2 instance publicly available when you’ve forgotten to assign a public IP Address
Create an Internet Gateway
Create an Elastic IP Address (EIP)
Associate the EIP to the instance
You are creating a VPN to connect a customer network to a VPC.
What 3 things do you need to configure
An On-Premises Customer Gateway
A Virtual Private Gateway
A VPC with a hardware VPN
In RDS, what are the attributes of Read Replicas
Asynchronous Replication
Must enable Automated Backups
What RDS database engines support Multi-AZ with two readable standbys
MySQL and PostgreSQL
In RDS, what are the attributes of Multi-AZ deployments
Automatic Failover
Synchronous Replication
What are the 3 DynamoDB structures
Collection (table)
Document (record)
Key/Value Pair (field)
In RDS, what are 2 types of backups
Automated
Snapshot
In RDS, what happens when you restore
A new instance is created
What is needed to create an Elastic Load Balancer (ELB)
At least 2 Public subnets in different AZs
How many IP Addresses are reserved per subnet
The first 4 and the Last IP addresses
For which S3 Events can you send notifications
Put
Post
Copy
Delete
What are the 3 types of Glacier
Instant Retrieval: Archive data accessed once a quarter. Retrieval times in milliseconds, minimum of 90 days of storage
Flexible Retrieval: Archive data accessed 1-2 times per year. Minimum of 90 days of storage. Retrieval times:
- Expedited: 1 - 5 minutes
- Standard: 3 - 5 hours
- Bulk: 5 - 12 hours
Deep Archive: Long-lived archive data accessed less than once per year. Minimum of 180 days of storage. Retrieval times:
- Standard: Within 12 hours
- Bulk: Within 48 hours
What are the 3 data formats supported by Athena
JSON
Apache Parquet
Apache ORC
What are the 5 types of traffic not logged in a Flow Log
AWS DNS traffic
EC2 Windows License Activation
Instance Metadata on 169.254.169.254
DHCP traffic
VPC reserved IP Address traffic