Services Flashcards

1
Q

Cloud Computing Service Model

A

3 main types of cloud service models

  • Infrastructure as a Service (IaaS)
  • Platform as a Service (PaaS)
  • Software as a Service (SaaS)
2
Q

Deployment models

A

3 main types of cloud deployment models

  • Public
  • Private
  • Hybrid
3
Q

Cloud Computing

A

On-demand delivery of compute power, database storage, apps and other IT resources through a cloud services platform with pay as you go pricing.

4
Q

Advantages of cloud computing

A
  1. Trade capital expense for variable expense (pay as you go)
  2. Massive economy of scale; we get the cost savings
  3. Stop guessing capacity
  4. Increase speed and agility (need foundation)
  5. Stop spending money through maintaining data centers
  6. Can expand easily (lower cost of trying new ideas); reduces risks for organizations
5
Q

IaaS

A
  • Cloud computing service model
  • The provider offers virtualized computing resources over the Internet.
6
Q

PaaS

A
  • Cloud computing service model
  • The provider offers a platform for developing, testing, and deploying applications over the Internet.
7
Q

SaaS

A
  • Cloud computing service model
  • The provider offers software applications over the Internet.
8
Q

Regions

A

Geographical areas where AWS provides services.

There are also data centers here.

6 in the US
25 worldwide

9
Q

Availability Zones

A
  1. They have 1 or more data centers
  2. There are multiple of them within each AWS region, with a minimum of 2 per region. Each one has at least 1 data center.
  3. They are located within a geographic area of an AWS region.
  4. Has redundant power, networking and connectivity.

24 in the USA
69 worldwide

10
Q

Edge Location

A

AWS data centers that are designed to cache and deliver content to end-users with low latency.

11
Q

Amazon Elastic Compute Cloud (EC2)

A

Web service that provides resizable compute capacity in the cloud.

Can create virtual machines (aka EC2 instances) that can run a variety of operating systems and applications.

12
Q

Elastic Beanstalk

A

A web service that makes it easy to deploy and scale web applications and workloads on EC2

During deployment, it handles provisioning, load balancing and monitoring (reduce maintenance needed)

Leverages existing AWS services (only pay for the other services you leverage)

Deploy app with minimal knowledge of other services

Supports Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker.

13
Q

AWS Lambda

A

A serverless compute service that runs your code in response to events and triggers.

14
Q

Lightsail

A

A simplified compute service that provides virtual private servers, storage, and networking.

15
Q

Amazon Simple Storage Service (S3)

A

A scalable object storage service that provides virtually unlimited storage for data from anywhere on the web, data which you can also retrieve.

Offers features such as versioning, lifecycle policies and encryption.

16
Q

Elastic Block Store (EBS)

A

A block storage service that provides PERSISTENT storage for EC2 instances.

17
Q

Glacier

A

A low-cost, secure, and durable storage service designed for data archiving and long-term backup.

18
Q

Storage Gateway

A

A hybrid storage service that provides a bridge between on-premises and cloud storage.

19
Q

Amazon Relational Database Service (RDS)

A

Fully managed database service that makes it easy to set up, operate, and scale a relational database in AWS.

Handles provisioning, patching, backup, and recovery of database

Supports deployment across multiple AZs and can be launched into a VPC

Platforms supported: MySQL, MariaDB, Oracle Database, SQL Server, Amazon Aurora (MySQL-compatible RDBMS built for the cloud that is an open-sourced database)

20
Q

DynamoDB

A

A fully managed NoSQL database service that provides fast and predictable performance with seamless automated scalability based off usage.

It allows you to store and retrieve any amount of data and serve any level of request traffic.

Provides both key-value and document databases

Offers in-memory cache with the DynamoDB Accelerator (DAX)

Handles 10 trillion requests per day (20 million requests per second)

Use Case: Serverless architecture, scale without excessive maintenance

21
Q

Redshift

A

A scalable data warehousing service that provides fast querying and analysis of large data sets.

Leverages high performance disks and columnar storage

Offers the ability to fully encrypt contents through providing isolation with VPCs

Enables querying of exabytes of data in Amazon S3 using Redshift Spectrum

22
Q

Aurora

A

A high-performance fully managed relational database engine that is compatible with MySQL and PostgreSQL.

It provides up to five times better performance than standard MySQL or PostgreSQL databases.

23
Q

Amazon Virtual Private Cloud (VPC)

A

A service that provides a logically isolated section of the AWS Cloud for deploying resources in a virtual network that you define and control.

24
Q

Elastic Load Balancing

A

A service that grows and contracts based on the incoming traffic across multiple targets such as EC2 instances, containers and IP addresses, improving availability and fault tolerance.

Works with EC2, ECS and Lambda

25
Q

Route 53

A

A Domain Name System (DNS) service that allows you to route internet traffic to your resources, such as EC2 instances or S3 buckets, and to map domain names to specific resources (such as mapping www.example.com to the IP address 192.0.2.1).

Can reroute users when server is down

26
Q

CloudFront

A

A content delivery network service that caches and delivers content such as data, videos, applications, and APIs globally to end-users with low latency and high transfer speeds.

Uses edge locations

Uses server closest to user

27
Q

AWS Identity and Access Management (IAM):

A

A service that lets you manage access to AWS services and resources securely.

It allows you to create and manage users and groups, and to assign permissions for specific AWS resources.

28
Q

Amazon Inspector

A

A security assessment service that helps improve the security and compliance of applications deployed on AWS.

29
Q

Certificate Manager

A

A service that lets you provision, manage, and deploy SSL/TLS certificates for use with AWS services.

30
Q

Key Management Service (KMS)

A

A service that makes it easy to create and manage keys

31
Q

Amazon Simple Notification Service (SNS)

A

A flexible and fully managed messaging service that allows you to send notifications from the cloud to different devices and endpoints.

32
Q

Simple Queue Service (SQS)

A

A fully managed message queuing service that enables you to decouple and scale micro-services, distributed systems, and serverless applications.

Supports up to 256 KB data payload and allows messages to be stored up to 14 days

Provides two types of queues (Standard/FIFO)

33
Q

Amazon Web Services (AWS)

A

Cloud computing platform that provides a wide range of services and tools to help businesses and individuals build and deploy applications and services.

34
Q

AWS Global Infrastructure

A

AWS has a global infrastructure that includes regions, availability zones, and edge locations.

35
Q

CloudFormation

A

Managed service for provisioning infrastructure based on templates

Pay for resources as you go

Templates in YAML and JSON (infrastructure as code)

Manages dependencies between resources

Provides drift detection to find changes in your infrastructure (can identify changes)

36
Q

CloudWatch

A

Provides metrics, logs, and alarms for infrastructure

Monitoring and management services

Provides visualization capabilities for metrics (custom dashboards)

37
Q

AWS CLI (Command Line Interface)

A

A command-line tool that enables you to interact with AWS services and manage them from your terminal or command prompt.

38
Q

CloudTrail

A

A service that provides a record of API calls made in your AWS account.

It logs all API activity and makes it easier to track changes and troubleshoot issues.

39
Q

Kinesis

A

A fully managed service for real-time data processing and analytics.

It allows you to ingest, buffer, and process streaming data at a large scale.

40
Q

Auto Scaling

A

A service that automatically adjusts the number of EC2 instances in a fleet in response to changes in demand for application resources.

41
Q

Simple Email Service (SES)

A

A cloud-based email sending service designed to help digital marketers and application developers send marketing, notification, and transactional emails.

42
Q

API Gateway

A

A service that enables you to create, deploy, and manage APIs for your applications.

Has monitoring and metrics

43
Q

AWS Config

A

A service that enables you to continuously assess, audit, and evaluate the configurations of your AWS resources

Has configuration history for infrastructure

Works against rules that you can customize or even create custom validation

Includes conformance packs for compliance standards

Works with AWS Organizations

Provides remediation steps if not meeting criteria

44
Q

Trusted Advisor

A

A service that provides best practices, guidance, and recommendations for optimizing your AWS infrastructure

Access through the AWS Console

Different checks provided based on support plan tier

All AWS customers get access to 7 core checks

45
Q

What is the value of AWS Cloud?

A
  1. Trade capital expense for variable expense (pay as you go)
  2. Massive economy of scale; we get the cost savings
  3. Stop guessing capacity
  4. Increase speed and agility (need foundation)
  5. Stop spending money through maintaining data centers
  6. Can expand easily (lower cost of trying new ideas); reduces risks for organizations
46
Q

How does AWS Cloud allow users to focus on business value?

A

Shift technical resources to revenue-generating activities as opposed to managing infrastructure

47
Q

Total Cost of Ownership Calculator

A

Generates reports that evaluate the costs of running applications on AWS versus running them on-premises

48
Q

OpEx/Operational Expenses

A

Costs associated with running and maintaining a system or application on the AWS cloud

Typically pay-as-you-go and can be scaled up or down as needed.

49
Q

CapEx/Capital Expenses

A

Upfront costs associated with purchasing and deploying hardware and infrastructure.

50
Q

Impact of software licensing when moving to the cloud

A

Organizations can save on software licensing costs.

AWS offers flexible and scalable options for computing resources, allowing organizations to optimize their use and avoid paying for unused capacity.

Additionally, AWS offers various licensing options, such as bring-your-own-license and pay-as-you-go, which can further reduce costs.

51
Q

Five characteristics of a data center

A
  1. Increasing capacity takes time and additional investment (CapEx)
  2. Large upfront investments CapEx
  3. Forecasting user demand is difficult, so there can be underused capacity/unmet demand
  4. Maintaining data centers is expensive
  5. Security and compliance maintenance
52
Q

3 types of cloud computing models and the control they have

A
  1. IaaS Infrastructure as a Service: Max Control
  2. PaaS Platform as a Service: Medium Control
  3. SaaS Software as a Service
53
Q

Public Cloud Deployment Model

A

Deployed onto a public cloud provider

EX: AWS, Microsoft Azure, Google Cloud

54
Q

On Premise Deployment Model

A

Deployed in a private data center using cloud-like providers (VMware)

55
Q

Hybrid Cloud Deployment Model

A

Deployed with a mix of public cloud and on-premise models, using both a provider like AWS and private

56
Q

Elasticity

A

The ability to acquire resources as you need them and release resources when you no longer need them.

57
Q

Naming Convention for AWS Availability Zone

A

us-east-2a

These 3 make the region piece
- Area
- Sub-area
- Number
This comes at the end
- AZ

OR in other words

(Region - AZ)

58
Q

Cost Explorer

A

User interface for reviewing AWS costs, forecasting future costs, and providing recommendations for cost optimization

59
Q

Pricing Calculator/ Simple Monthly Calculator

A

Tool for estimating the cost of running specific AWS infrastructure (can give estimation of future workloads)

60
Q

Resource Tags

A

Metadata assigned to a specific AWS resource (name and optional value to categorize costs)

61
Q

AWS Organizations

A

Allows organizations to manage multiple accounts under 1 master account

Consolidated billing for 1 account

Get centralized logging and security standards across accounts

62
Q

AWS Support

A
  1. Enables support from AWS resources for workloads running in the cloud
  2. Provided in different tiers based on need and scope
  3. Includes tools to provide automated answers and recommendations
63
Q

Personal Health Dashboard

A

Alerts and remediation guidance when AWS is experiencing events that may impact you

64
Q

7 Core Checks of AWS Trusted Advisor

A
  1. Cost Optimization
  2. Performance
  3. Security
  4. Fault Tolerance
  5. Service Limits
65
Q

Basic Support Plan

A
  1. All access by AWS customers
  2. Access to Trusted Advisor
  3. Access to Personal Health Dashboard
  4. No access to support engineers for technical implementations
  5. No monthly costs
66
Q

Developer Support Plan:

A
  1. Has all features of basic support
  2. Business hours email access to support engineers
  3. Limited to 1 primary contact that can file cases
  4. $29 a month > ties into AWS usage
67
Q

Business Support Plan

A
  1. Has all features of developer support
  2. Full set of Trusted Advisor checks
  3. Unlimited contacts can make cases
  4. 3rd party software support
  5. $100 a month > ties into AWS usage
  6. Email, Chat, Phone: 24/7 access to Cloud Support Engineers
68
Q

Enterprise Support Plan: Access to Cloud Support Associates

A
  1. Has all features of business support
  2. Includes designated Technical Account Manager
  3. Includes concierge support teams
  4. Starts at $15,000 per month
  5. Email, Chat, Phone: 24/7 access to Senior Cloud Support Engineers
69
Q

Business Support Plan Response Time to Incidents

A

General incidents: 24 hours

System impaired: 12 hours

Production system impaired: 4 hours

Production system down: 1 hour

70
Q

Developer Support Plan: Response to Incidents

A

General incidents: 24 business hours

71
Q

Enterprise Support Plan: Response to Incidents

A

General incidents: 24 hours

System impaired: 12 hours

Production system impaired: 4 hours

Production system down: 1 hour

Business critical system down: 15 minutes

72
Q

AWS QuickStart

A

Provides step by step deployment instructions for common technology platforms

73
Q

AWS Partner Network Consulting

A

Partners are 3rd party consultants that can help with cloud implementations

74
Q

AWS Professional Services

A

Utilize AWS employees for assistance as cloud implementation consultants

75
Q

AWS Console

A

Users can leverage their browser to configure resources

It is a web and app-based interface for interacting with most AWS services

It is great to test out AWS services

Root user > person that actually created the account (unrestricted)

IAM user > person that has limited access

76
Q

AWS CLI

A

Command line access for administering AWS resources

Manage your use of AWS services from the command line

Repeated tasks to automate would be good

Access keys: created and should download key IDs

CLI: 2 versions, Windows > Python

77
Q

AWS SDK

A

Programmatic access to manage AWS resources (software developer kit)

Automate many aspects of the platform

Help in the backend customization

Repeated tasks to automate would be good

Enables automation of AWS tasks within custom apps (Java, .NET, Node.js, JavaScript, PHP, Python, Ruby, Go, C++)

78
Q

Instance Types in EC2

A

Defines the processor, memory and storage type

Use for general purpose,
compute/memory/storage optimized, accelerated computing

Need downtime to change

Certain instance types have unique types

Pricing changes over time and varies based on vCPU (virtual central processing unit), memory, and Linux pricing.

The higher the memory, the higher the Linux pricing.

79
Q

Root Device Type

A

Instance store: the data can go away. Ephemeral storage that is physically attached to the host the virtual server is running on

Elastic Block Store (EBS): can be continual. Persistent storage that exists separately from the host the virtual server is running on

80
Q

Amazon Machine Image (AMI)

A

Template for launching an EC2 instance including configuration, operating system, data

AWS provides many of them that can be leveraged

They can be shared across AWS accounts

Can create your own

Commercial ones are available with AWS Marketplace

81
Q

On-Demand Purchase Option

A

You pay by the second for the instances that are launched

82
Q

Reserved Purchase Option

A

You purchase at a discount instances in advance for 1-3 years

Standard: All Upfront (high CapEx), Partial Upfront (1/3 cost), No Upfront

Convertible: conversion of attributes for workloads

Scheduled: works for a time window to have various workloads

83
Q

Spot Purchase Option

A

You can leverage unused EC2 capacity in a region for a large discount

84
Q

Dedicated Purchase Option

A

Dedicated physical server (most expensive)

May be required for server software licensing or compliance requirement

85
Q

Steps to Launch EC2 Instance

A

Launch Instance

Select an AMI

Select an Instance Type and Configure Instance Details

Add Storage (can change volume)

Add Tags (if needed)

Configure Security Groups (can be personal with My IP)

86
Q

This is needed to sign into an EC2 instance

A

Key pair

87
Q

After successfully running an EC2 instance, what can you access?

A

Public DNS (Domain name system) to check out the web server you created virtually

88
Q

What should you do once you’re done using your EC2 instance?

A

Terminate it to not incur costs

89
Q

How do you launch Elastic Beanstalk?

A

Get started on Elastic Beanstalk

Create the web app

Choose the platform (software)

Upload code or sample application

Configure more options (can be adjusted)

Create app (will do the initial deployment)

Monitor it on dashboard (if you want)

Terminate when done

90
Q

Content Delivery Network

A

Logically isolated section of AWS cloud where you can launch AWS resources in a Virtual Network you define

Supports IPv4 and IPv6 address

Can configure the IP address range, subnets, route tables, gateways

Supports public and private subnets

Enables a connection to data center

Can connect to other VPCs and private connections to AWS services

91
Q

AWS Direct Connect

A

Cloud solution that makes it easy to establish a dedicated connection from data centers to AWS

92
Q

Domain Name Service

A

Translates memorized domain names to numeric IP addresses needed for locating and identifying computer services/devices with underlying network protocols

93
Q

Global Accelerator

A

Sends user’s traffic through AWS’s global network infrastructure, improving internet user performance by up to 60%

Utilizes IP addresses that route to edge locations

Once requests reach edge locations, traffic is routed through the AWS network

Use Cases: Non-HTTP Protocol (UDP, MQTT, VOIP), Requires Static IP, Instant Failover

94
Q

Performance Improvements when using the AWS Global Accelerator

A

Distance between user and initial endpoints is minimized with edge locations

Traffic is reduced

Results in improvement of throughput and provides superior fault tolerance by not relying on DNS

95
Q

What are the File storage Services, such as Amazon S3?

A

Stores files as objects in buckets (provides different storage classes for different use cases)

Stores data across multiple AZs

Enables URL access for files

Configurable rules for data lifecycle/ Static web host

Objects can transition/ expire based on criteria

Transitions can enable objects to move to another storage based on time

96
Q

What does the S3 Standard Non-Archival Storage Class do?

A

Default storage class

97
Q

What does the S3 Standard IA non-archival storage class do?

A

Infrequently accessed data with the standard resilience

98
Q

What does the S3 Intelligent-Tiering non archival class do?

A

Moves data to correct storage class based on usage (frequency)

99
Q

What does the S3 One Zone IA non-archival storage class do?

A

Infrequent access data that is in one AZ

100
Q

S3 Transfer Acceleration

A

Feature that can be enabled per bucket that allows for optimized uploading of data using AWS Edge locations as a part of CloudFront

101
Q

What is the process to create and manage an S3 Bucket?

A

Create bucket

Give it a unique bucket name

Configure options

Manage performance (public/private)

Complete

102
Q

What is the process to upload files in an S3 bucket once it's been created?

A

Upload files into bucket as objects

Manage uploads

Storage classes

Upload (all can access the URL)

Manually set permissions

  • To host a website, you need an index.html
103
Q

AWS DataSync

A
  • Leverages the DataSync agent deployed as a VM on your network
  • Integrates with S3, EFS and FSx for Windows File Server on AWS
  • Greatly improved speed of transfer due to custom protocol and optimizations
  • Charged per GB of data transferred
104
Q

ElastiCache

A

Fully managed in-memory data store

Supports both Memcached and Redis

Provides low latency in response times

Enables scaling and replicas to meet application demand

Handles common use cases including database layer caching, session storage

105
Q

What is an App Integration Service, such as Amazon SNS (Simple Notification Service)?

A

Fully managed pub-sub messaging service

Enables you to create decoupled apps

Organized according to topics (Publish/Subscribe)

Can integrate with multiple AWS services

Provides end user notification across SMS, email, and other notifications

Example: User Signup > SNS Topic > Lambda Function & SQS Queue > Email

106
Q

AWS Step Functions

A

Enables orchestration of workflows through a fully managed service

Supports driverless architectures and complex workflows including error handling

Charged per state transitions along with the other AWS services leveraged

Workflows are defined using Amazon States Language

Integrate with Compute, Database, Messaging, Data Processing and Machine Learning Services

107
Q

What are Management and Governance Services such as AWS CloudTrail used for?

A

Log and continuously monitor account activity related to actions across AWS infrastructure

Inserts audit trail in an S3 bucket or into CloudWatch Logs

Logs events in the regions in which they occur

Meet many compliance requirements (should be enabled for every AWS account)

Use Cases: Forensics Analysis (data breaches), Operational Analysis, Troubleshooting

109
Q

AWS Systems Manager

A

UI that can view operational data from AWS architectures

Provides multiple tools to manage infrastructure

Enables automation tasks for common maintenance actions

Gives security to access servers using only AWS credentials

Stores commonly used parameters securely for operational use

111
Q

AWS OpsWorks

A

Configuration management service (defined as code for servers)

Provides managed instances of Chef and Puppet

Works in hybrid cloud architecture for cloud base and on-prem

112
Q

Control Tower

A

Multi-account environment that centralizes users across all AWS accounts

Create new AWS accounts based on templates and dashboard capabilities

Guardrails - specific protections within child-parental relationships

113
Q

AWS Acceptable Use Policy

A

Sending unsolicited mass emails is prohibited

Hosting or distributing harmful content is prohibited

Penetration tests are allowed on a list of specific services

114
Q

Shared Responsibilities Model: Security of the Cloud

A

Access and training for Amazon employees

Security of the cloud infrastructure

Global data centers and underlying network

Hardware for global infrastructure

Configuration management for infrastructure

Patching cloud infrastructures and services

115
Q

Shared Responsibilities: Customer Responsibilities: Security in the Cloud

A

Customers are responsible for the security of the workloads they run in the cloud, including the operating system, applications, data, security, and identity and access management.

Access to cloud resources and training

Operating system, network and firewall configurations

All code deployed onto cloud infrastructure

Patching guest OS and custom applications

116
Q

Fault tolerance

A

Being able to support the failure of components within your architecture

Service that supports Fault Tolerance: SQS, Route 53

117
Q

Services that help with Compliance?

A

AWS Config: Provides conformance packs for standards

AWS Artifact: Provides self-service access to reports

Amazon GuardDuty: Provides intelligent threat detection

118
Q

What is Least Privilege Access?

A

Grants minimum permissions needed to complete their task (Root vs IAM)

119
Q

3 AWS IAM Identities

A

User: Account for a single individual to access AWS resources

Groups: Allows you to manage permissions for a group of IAM Users

Role: Enables a user or AWS service to assume permissions for a task

120
Q

What are Policies in AWS IAM?

A

A JSON document that defines permissions for an AWS IAM identity (principal)

Defines both AWS services that the identity can access and what actions can be taken on service

Can be managed by either customer or AWS

121
Q

What are best practices for IAM?

A

Multi-Factor Authentication: provides additional security through physical/virtual device that generates a token for login (managed from a root user perspective)

Least Privilege Access: users are granted the access to AWS that is required for their tasks

122
Q

What is Amazon Cognito?

A

User directory service for custom apps (provides UI components for many platforms)

Provides security capabilities to control account access

Enables controlled access to AWS resources and works with social and enterprise identity providers

123
Q

What is AWS Glue?

A

ETL process (store data, pull it out, manipulate it, load)

Serverless execution that supports data in Amazon RDS, DynamoDB, Redshift and S3

124
Q

What is Amazon Elastic Map Reduce (EMR)?

A

Enables big-data processing on Amazon EC2 and S3

Supports big data, popular open-source frameworks, Apache services and tools

Operates in a clustered environment without additional configuration

Supports Apache Spark, Hive, HBase, Flink, Hudi, Presto

125
Q

What is an AWS Data Pipeline?

A

Managed ETL and the workflow through AWS services

Supports all of Glue’s functionality and can integrate with on-prem data stores

126
Q

To analyze data, Amazon Athena is used. What is it?

A

Fully managed serverless service

Enables querying of large-scale data stored within Amazon S3

Queries are written using standard SQL

Charged based on data scanned for query

127
Q

To analyze data, Amazon QuickSight is used. What is it?

A

Fully managed BI service

Dynamic data dashboard based on data stored in AWS

Charged on per-user and per-session pricing model

Multiple versions based on needs

128
Q

To analyze data, Amazon CloudSearch is used. What is it?

A

Fully managed search services of AWS

Supports scaling of search infrastructure to meet demand

Charged per hour and instance type of search infrastructure

Enables developers to integrate search into custom apps

129
Q

To integrate AI and Machine Learning, Amazon Rekognition is used. What is it?

A

Fully managed images and video recognition deep learning service

Image object detection

Identifies objects and actions in video

Detects specific people using facial analysis

Supports custom labels for your business objects

130
Q

To integrate AI and Machine Learning, Amazon Translate is used. What is it?

A

Fully managed service for text translation

Can support 54 languages and perform language identification

Works both in batch and real-time

131
Q

What is Disaster Recovery on AWS?

A

Any event that has a negative impact on a company's business continuity or finances

132
Q

What is Pilot Light for Disaster Recovery?

A

Key infrastructure components are kept running in the cloud

Designed to reduce recovery time over the Backup and Restore approach

Incur cost of this infrastructure continually running in the cloud

AMIs are prepared for additional systems and can be launched quickly

133
Q

What is Warm Standby for Disaster Recovery?

A

Scaled-down version of the full environment is running in the cloud

Critical systems can be running on less capable instance types

Instance types and other systems can be ramped up for DR events

Incurs the cost of running continuously in the cloud

134
Q

What is Multi-Site for Disaster Recovery?

A

Full environment always running in cloud

Utilizes instance types needed for production, not just recovery

Provides a near seamless recovery

Least recovery time but most costly

135
Q

What is the Recovery-Time Objective?

A

Time it takes to get back up and running after a DR event

136
Q

What is the Recovery-Point Objective?

A

Amount of data loss for a production system during a disaster recovery event

Expressed in terms of time (for example, an hour of data loss)

137
Q

What is Vertical Scaling?

A

Scale up instance type to a larger instance type with additional resources

138
Q

What is Horizontal Scaling?

A

Scale out and add additional instances to handle demand of apps

139
Q

What are auto scaling groups?

A

Launch template defines the instance configuration for the group

Defines the minimum, maximum, and desired number of instances

Health checks are performed on each instance

Exists within 1 or more availability zones in a single region

On-demand and spot instances

140
Q

AWS Secrets Manager

A

Secure way to integrate credentials, API keys, tokens and other content

Integrates with RDS, DocumentDB, and Redshift

Can auto-rotate credentials with integrated services

Enables fine-grained access control to secrets

141
Q

What is the AWS VPN?

A

Creates an encrypted tunnel into a VPC

Can be used to connect your data center or even individual client machines

Supported in two services (Site to Site VPN and Client VPN)

141
Q

What are Security Groups?

A

Serve as a firewall for EC2 instances (an instance can belong to multiple security groups)

Control which inbound and outbound traffic is allowed

Work at the instance level (must be explicitly associated with an EC2 instance)

VPCs have default security groups

142
Q

What are Network ACLs?

A

Work at the subnet level within a VPC

Enable you to allow and deny traffic

Each VPC has a default ACL that allows both inbound and outbound traffic

Custom ACLs deny all traffic until rules are added

143
Q

What is AWS Shield?

A

DDoS: type of attack where a server gets more traffic than it can handle, making the service go down

Has protection for DDoS

Enables ongoing threat detection and mitigation

Has 2 different tiers (Standard/Advanced)

144
Q

What is Amazon Macie?

A

Machine learning to analyze data stored in Amazon S3

Can detect personal info and intellectual property (IP) in S3

Provides dashboards that show how the data is being stored and accessed

Enables alerts if it detects unusual data access

145
Q

What is Amazon Inspector?

A

Enables scanning of Amazon EC2 instances for security vulnerabilities

Charged by instance/assessment run

2 types of rules packages

Network reachability assessment

Host assessment

146
Q

To deploy pre-defined solutions, there is AWS Service Catalog. What is it?

A

Serves as an organization's service catalog for the cloud

Can include anything from a single service image to multi-tier custom apps

Enables organizations to leverage services that meet compliance

Supports a lifecycle for services released in the catalog

147
Q

An AWS Developer Service is AWS CodeCommit. What is it?

A

Managed source control service

Utilizes Git for repositories

Control access with IAM policies

Serves as an alternative to GitHub

148
Q

An AWS Developer Service is AWS CodePipeline. What is it?

A

Fully managed continuous delivery service

Provides capabilities to automate building, testing and deploying

Integrates with other developer tools like GitHub as well

149
Q

What are the 3 types of load balancers?

A

3 types of load balancers

App Load Balancer, Network Load Balancer, Classic Load Balancer