Revisit Domain 2: Technology Flashcards
Which AWS services can be used to decouple components of a microservices-based application on AWS Cloud? (Select two)
- AWS Step Functions
- AWS Lambda
- Amazon Simple Queue Service (SQS)
- Amazon EC2
- Amazon SNS
- SQS
- SNS
Amazon Simple Queue Service (SQS)
Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. Using SQS, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available.
Amazon Simple Notification Service (SNS)
Amazon Simple Notification Service (SNS) is a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications. Using Amazon SNS topics, your publisher systems can fan-out messages to a large number of subscriber endpoints for parallel processing, including Amazon SQS queues, AWS Lambda functions, and HTTP/S webhooks. Additionally, SNS can be used to fan out notifications to end users using mobile push, SMS, and email.
A company wants to improve the resiliency of its flagship application, so it wants to move from its traditional database system to a managed AWS NoSQL database service to support active-active configuration in both the East and West US AWS regions. The active-active configuration with cross-region support is the prime criterion for any database solution that the company considers.
Which AWS database service is the right fit for this requirement?
- Amazon DynamoDB with global tables
- Amazon DynamoDB with DynamoDB Accelerator
- Amazon Aurora with multi-master clusters
- Amazon Relational Database Service (Amazon RDS) for MySQL
Amazon DynamoDB with global tables
Amazon DynamoDB is a fully managed, serverless, key-value NoSQL database designed to run high-performance applications at any scale. DynamoDB offers built-in security, continuous backups, automated multi-region replication, in-memory caching, and data export tools.
DynamoDB global tables replicate data automatically across your choice of AWS Regions and automatically scale capacity to accommodate your workloads. With global tables, your globally distributed applications can access data locally in the selected regions to get single-digit millisecond read and write performance. DynamoDB offers active-active cross-region support that is needed for the company.
Which of the following are correct statements regarding the AWS Global Infrastructure? (Select two)
- Each AWS Region consists of a minimum of three Availability Zones (AZ)
- Each Availability Zone (AZ) consists of one or more discrete data centers
- Each AWS Region consists of a minimum of two Availability Zones (AZ)
- Each Availability Zone (AZ) consists of two or more discrete data centers
- Each AWS Region consists of two or more Edge Locations
Each AWS Region consists of a minimum of three Availability Zones (AZ)
Each Availability Zone (AZ) consists of one or more discrete data centers
AWS has the concept of a Region, which is a physical location around the world where AWS clusters its data centers. AWS calls each group of logical data centers an Availability Zone (AZ). Each AWS Region consists of a minimum of three, isolated, and physically separate AZs within a geographic area. Each AZ has independent power, cooling, and physical security and is connected via redundant, ultra-low-latency networks.
An Availability Zone (AZ) is one or more discrete data centers with redundant power, networking, and connectivity in an AWS Region. All AZs in an AWS Region are interconnected with high-bandwidth, low-latency networking, over fully redundant, dedicated metro fiber providing high-throughput, low-latency networking between AZs.
A research group wants to use EC2 instances to run a scientific computation application that has a fault tolerant architecture. The application needs high-performance hardware disks that provide fast I/O performance. As a Cloud Practitioner, which of the following storage options would you recommend as the MOST cost-effective solution?
- Instance Store
- Amazon EBS
- Amazon S3
- Amazon EFS
- Instance Store
An instance store provides temporary block-level storage for your instance. This storage is located on disks that are physically attached to the host computer. This is a good option when you need storage with very low latency, but you don’t need the data to persist when the instance terminates or you can take advantage of fault-tolerant architectures. For this use-case, the computation application itself has a fault tolerant architecture, so it can automatically handle any failures of Instance Store volumes.
Because Instance Store volumes are included as part of the instance’s usage cost, this is the correct option.
Which of the following is an AWS database service?
- AWS Storage Gateway
- AWS DMS
- Amazon Redshift
- AWS Glue
Amazon Redshift
Amazon Redshift is a fully-managed petabyte-scale cloud-based data warehouse product designed for large scale data set storage and analysis.
A big data analytics company is moving its IT infrastructure from an on-premises data center to AWS Cloud. The company has some server-bound software licenses that it wants to use on AWS. As a Cloud Practitioner, which of the following EC2 instance types would you recommend to the company?
- Dedicated Instance
- On-Demand Instance
- Reserved Instance (RI)
- Dedicated Host
Amazon EC2 Dedicated Hosts allow you to use your eligible software licenses from vendors such as Microsoft and Oracle on Amazon EC2. An Amazon EC2 Dedicated Host is a physical server fully dedicated for your use, so you can help address corporate compliance requirements.
You cannot use Dedicated Instances with server-bound software licenses.
Which AWS services can be used to facilitate organizational change management, part of the Reliability pillar of AWS Well-Architected Framework? (Select three)
- Amazon GuardDuty
- Amazon CloudWatch
- AWS Config
- AWS CloudTrail
- Amazon Inspector
- AWS Trusted Advisor
- Amazon CloudWatch
- AWS Config
- AWS CloudTrail
There are three best practice areas for Reliability in the cloud: Foundations, Change Management, and Failure Management. Being aware of how change affects a system (change management) allows you to plan proactively, and monitoring allows you to quickly identify trends that could lead to capacity issues or SLA breaches.
Compared to the on-demand instance prices, what is the highest possible discount offered for spot instances?
- 50%
- 75%
- 90%
- 10%
90%
Amazon EC2 spot instances let you take advantage of unused EC2 capacity in the AWS cloud. Spot instances are available at up to a 90% discount compared to the on-demand instance prices. You can use spot instances for various stateless, fault-tolerant, or flexible applications such as big data, containerized workloads, CI/CD, web servers, high-performance computing (HPC), and other test & development workloads.
A company’s flagship application runs on a fleet of Amazon Elastic Compute Cloud (Amazon EC2) instances. As per the new policies, the system administrators are looking for the best way to provide secure shell access to Amazon Elastic Compute Cloud (Amazon EC2) instances without opening new ports or using public IP addresses.
Which tool/service will help you achieve this requirement?
- Amazon Inspector
- AWS Systems Manager Session Manager
- Amazon Route 53
- Amazon EC2 Instance Connect
AWS Systems Manager Session Manager
AWS Systems Manager Session Manager is a fully-managed service that provides you with an interactive browser-based shell and CLI experience. It helps provide secure and auditable instance management without the need to open inbound ports, maintain bastion hosts, and manage SSH keys. AWS Systems Manager Session Manager helps to enable compliance with corporate policies that require controlled access to instances, increase security and auditability of access to the instances while providing simplicity and cross-platform instance access to end-users.
EC2 Instance Connect needs port 22 to be open for traffic, so it is not the correct option here.
An online gaming company wants to block users from certain geographies from accessing its content. Which AWS service can be used to accomplish this task?
- Amazon CloudWatch
- AWS Shield
- AWS Web Application Firewall (AWS WAF)
- Security group
AWS Web Application Firewall (AWS WAF)
AWS Web Application Firewall (AWS WAF) is a web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define. These conditions include IP addresses, HTTP headers, HTTP body, URI strings, SQL injection, and cross-site scripting. You can use the IP address based match rule to block specific geographies. The accuracy of the IP Address to country lookup database varies by Region. Based on recent tests, AWS mentions that the overall accuracy for the IP address to country mapping is 99.8%.
An e-commerce company wants to store data from a recommendation engine in a database. As a Cloud Practitioner, which AWS service would you recommend to provide this functionality with the LEAST operational overhead for any scale?
- Amazon S3
- Amazon Neptune
- Amazon RDS
- Amazon DynamoDB
Amazon DynamoDB is a key-value and document database that delivers sub-millisecond performance at any scale. Amazon DynamoDB enables customers to offload the administrative burdens of operating and scaling distributed databases to AWS so that they don’t have to worry about hardware provisioning, setup and configuration, throughput capacity planning, replication, software patching, or cluster scaling.
You can use Amazon DynamoDB to store recommendation results with the LEAST operational overhead for any scale.
Which AWS service helps with global application availability and performance using the AWS global network?
- ELB
- CloudFront
- Route 53
- AWS Global Accelerator
AWS Global Accelerator
AWS Global Accelerator is a service that improves the availability and performance of your applications with local or global users. It provides static IP addresses that act as a fixed entry point to your application endpoints in a single or multiple AWS Regions, such as your Application Load Balancers, Network Load Balancers, or Amazon EC2 instances. AWS Global Accelerator uses the AWS global network to optimize the path from your users to your applications, improving the performance of your traffic by as much as 60%.
Which of the following statements is INCORRECT about AWS Auto Scaling?
- You can automatically deploy AWS Shield when a DDoS attack is detected
- You can scale out and add more Amazon Elastic Compute Cloud (Amazon EC2) instances to match an increase in demand as well as scale in and remove Amazon Elastic Compute Cloud (Amazon EC2) instances to match a reduced demand
- You can automatically remove unhealthy instances
- You can automatically register new instances to a load balancer
You can automatically deploy AWS Shield when a DDoS attack is detected
AWS Auto Scaling is helpful during a DDoS attack, as it can scale out resources fast. However, it cannot automatically deploy the AWS Shield service onto its group of resources.
Which of the following use-cases is NOT supported by Amazon Rekognition?
- Quickly resize photos to create thumbnails
- Identify person in a photo
- Detect text in a photo
- Label objects in a photo
Quickly resize photos to create thumbnails
You cannot use Amazon Rekognition to resize photos to create thumbnails.
Which AWS service can be used to store, manage, and deploy Docker container images?
- Amazon Elastic Container Registry (Amazon ECR)
- Amazon Elastic Container Service (Amazon ECS)
- Amazon Elastic Compute Cloud (Amazon EC2)
- AWS Lambda
Amazon Elastic Container Registry (Amazon ECR)
Amazon Elastic Container Registry (Amazon ECR) can be used to store, manage, and deploy Docker container images. It eliminates the need to operate your own container repositories. You can then pull your Docker images from Amazon Elastic Container Registry (Amazon ECR) and run them on Amazon Elastic Container Service (Amazon ECS).