Security and Monitoring

Question 1

Default security group behavior

Answer 1

deny all inbound traffic

Question 2

SNMP

Answer 2

Simple Network Mgmt Protocol

monitor and manage network devices connected over an IP. SNMP is used for communication between routers, switches, firewalls, load balancers, servers, CCTV cameras, and wireless devices

Question 3

HTTP

Answer 3

Hypertext transfer protocol

Question 4

TCP

Answer 4

Transmission Control Protocol

enables application programs and computing devices to exchange messages over a network. It is designed to send packets across the internet and ensure the successful delivery of data and messages over networks.

TCP port 80 is used for non-encrypted web services, and TCP port 443 is used for encrypted web services.

Question 5

IP

Answer 5

Internet Protocol

Question 6

ICMP

Answer 6

Internet Message Control Protocol

used for reporting errors and performing network diagnostics. In the error reporting process, ICMP sends messages from the receiver to the sender when data does not come though as it should.

Question 7

WMI

Answer 7

Windows Management Instrumentation Protocol

Question 8

SSL

Answer 8

Secure Socket Layers

securing an internet connection by encrypting data sent between a website and a browser (or between two servers). It prevents hackers from seeing or stealing any information transferred, including personal or financial data.

Question 9

Traceroute

Answer 9

Tool that use successive echo packets to display the path to the destination and the response time of each hop (ping)

Question 10

Simple fault monitoring

Answer 10

system polls registered devices at established intervals to verify if they respond.

Question 11

packet analyzer…or packet sniffer

Answer 11

standard tool for capturing packets.

Logs each packet it intercepts, decodes the packet, and presents the values of the various fields within the packet for examination.

Question 12

Traffic Mirroring

Answer 12

direct network traffic coming to and from an EC2 instance to a separate Amazon EC2 based packet analyzerto analye

Question 13

five phases of reliability pillar

Answer 13

generate, aggregate, alert, analyze, , storage

Question 14

Cloudwatch

Answer 14

Monitoring service for AWS workloads and resources.

Question 15

Cloudwatch Events

Answer 15

near real-time stream of events which describe resources changes

Question 16

What do you use to send an email with a Cloudwatch Alarm?

Answer 16

SNS topic

Question 17

Most important metrics to track

Answer 17

1. Bandwidth capacity maximum data transmission rate
2. Throughput: megabyte or gigabyte per second of data packets that are successfully being sent
3. Latency
4. Packet Loss
5. Retransmission
6. Availability (up tiime)
   7 Connectivity: Nodes properly working
7. Network and Server response time
8. Cloudwatch Metrics

Question 18

Transit Gateway Manager

Answer 18

provides a single global view of your private network to visualize and monitor the health of your Amazon VPCs, Transit Gateways, Direct Connect, and VPN connections to branch locations and on-premises networks.

Question 19

Wavelength

Answer 19

AWS Wavelength embeds AWS compute and storage services within 5G networks, providing mobile edge computing infrastructure for developing, deploying, and scaling ultra-low-latency application

Question 20

VPC Flow Logs

Answer 20

information about the IP traffic going to and from network interfaces in your VPC.

Question 21

SIM

Answer 21

Security Information Monitoring

Question 22

SEM

Answer 22

Security Event Monitoring

Question 23

AWS Compliance Frameworks

Answer 23

ensure regulation of data happens securely.

Question 24

Benching Tools

Answer 24

How your network is performing.
Throughput and bandwidth are measured by benching tools

Question 25

iPerf and IPefr3

Answer 25

Tools for active measurements of the maximum achievable bandwidth on IP networks. It supports tuning of various parameters related to timing, buffers, and protocols (TCP, UDP, SCTP with IPv4 and IPv6). For each test, they report the bandwidth, loss, and other parameters.

Question 26

ExtraHop

Answer 26

monitoring solution for security, network performance, and the cloud. It gives detailed metrics on average bandwidth utilization, average throughput, and more.

Question 27

Netperf

Answer 27

CLI tool similar to iPerf that measures throughput and benchmarking speeds.

Question 28

CloudWatch agent

Answer 28

collect metrics for your Amazon EC2 instances and your on-premises servers.

Question 29

How does Cloudwatch categorize Data?

Answer 29

A Namespace contains data and each different namespace holds different data. For example, all AWS data is contained inside a namespace named AWS/service.

Dimensions separates resources in the namespace

Question 30

Systems Manager Agent (formerly ssm)

Answer 30

view and control your infrastructure on AWS

automate operational tasks across your AWS resources

maintain security and compliance by scanning your managed instances and reporting on (or taking corrective action on) any policy violations it detects.

Once installed EC2 becomes a managed instance

Question 31

How do you collect Systems Mgr Agent logs

Answer 31

Sending to cloudwatch

Question 32

T/F you can connect Cloudwatch Logs to your VPC using an endpoint.

Answer 32

True

Question 33

Cloudwatch Insights

Answer 33

Visualize data in graphs and supports Cloudwatch Query language

Question 34

Cloudwatch alarm types

Answer 34

Metric (one) , Composite (group)