Practice Exam 4 Flashcards
What is AWS QuickSight?
Fast, cloud-powered business intelligence service that makes it easy to deliver insights to everyone in your organization
What is AWS Athena
An interactive service that makes it easy to analyze data in Amazon S3 using standard SQL
What do a bucket needs in order to enable CRR?
Versioning to be enabled
Which buckets need versioning enabled to enable CRR?
The source and destination buckets
What is S3 Transfer Acceleration?
A feature which enables fast, easy, and secure transfers of files to and from your bucket
What CloudFormation feature allows you to create stacks in AWS accounts across regions by using a single AWS CloudFormation template?
StackSets
What are stack instances attached to?
Stack instances are attached to a stack set
What is the purpose of CloudFormation Change Sets?
Preview how proposed changes to a stack might impact your running resources
What does S3 Transfer Acceleration leverages?
Amazon CloudFrontโs globally distributed AWS Edge Locations
What is AWS Direct Connect
A cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS
What is AWS Transfer for SFTP
A fully managed service that enables the transfer of files directly into and out of Amazon S3 using the Secure File Transfer Protocol (SFTP) which is also known as Secure Shell (SSH) File Transfer Protocol
What is Amazon S3 Object Lock?
A feature which simply enables you to store objects using a write-once-read-many (WORM) model
What is the only CodeDeploy deployment type supported for ECS?
Blue/Green
What is the unit of concurrency for Lambda functions that process Kinesis or DynamoDB streams?
The number of shards
What is the execution context of a Lambda function?
Its the temporary runtime environment that initializes any external dependencies of your Lambda function code, such as database connections or HTTP endpoints
What is the AWS Service Catalog
This service just allows organizations to create and manage catalogs of IT services that are approved for use on AWS
What is AWS Config?
A service that enables you to assess, audit, and evaluate the configurations of your AWS resources
If you lose the key used to encrypt an object with SSE-C, can you still retrieve the encrypted objects?
No
What is AWS OpsWork?
A configuration management service that provides managed instances of Chef and Puppet (Automation platforms that allow you to use code to automate the configurations of your servers)
What is the EC2 Launch type in ECS?
The EC2 launch type allows you to run your containerized applications on a cluster of Amazon EC2 instances that you manage
What is the other launch type in ECS?
Fargate launch type
What is the ECS feature which provides you with expressions that you can use to group container instances by a specific attribute?
Cluster Query Language (Cluster queries)
What are Task Group in ECS?
Sets of related tasks
What are Task Placement Constraints?
Rules that are considered during task placement
What does the IAM DB Authentication in RDS allow?
Allow encrypted connections to and from an RDS DB using SSL, it is primarily used to secure data-in-transit
What are the three options for retrieving data in an S3 Glacier?
Standard retrievals (3-5 hours) Bulk retrievals (5-12 hours, large amount of data) Expedited retrievals (1-5 minutes)
What is format of the sign in url in AWS?
https://ACCOUNTALIAS.signin.aws.amazon.com/console
Why must the requester have permission to perform the kms:Decrypt action on the key when using multipart upload with encryption in S3?
Because in order to assemble the parts which were all uploaded and then SSE individually, each parts must be decrypted and then assembled
What does CA stand for?
Certificate Authority
What are the two services that allow a user to import SSL/TLS certificates?
AWS Certificate Manager
IAM certificate store
What do you need in order to run C++ Code in Lambda?
A custom runtime
What is Amazon Inspector?
An automated security assessment service that helps improve the security and compliance of applications deployed on AWS
What is AWS CloudHSM?
A service that provides hardware security modules in AWS Cloud
What does HSM stand for?
Hardware Security Module
What is an HSM?
A computing device that processes cryptographic operations and provides secure storage for cryptographic keys
What are DynamoDB sparse indexes?
Sparse indexes are indexes where not all items in a table might have
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-indexes-general-sparse-indexes.html
What does the MaxAgeSeconds cors rule specifies?
The amount of time the browser will cache the response to the preflight OPTIONS request for the specified source
What is AWS Elastic Map Reduce?
The industry-leading cloud big data platform for processing vast amounts of data using open source tools (NOT real time)
What are the two integration type available for Lambda functions?
Lambda proxy integration
Lambda custom integration
Can you unmount the ROOT volume of a running EC2 instance?
No, you must first stop the instance, and then detach
How to setup CloudFront with origin failover?
Create an origin group with a primary origin plus a second origin that CloudFront will automatically switch to when the primary origin returns specific HTTP status code failure responses
