Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Solutions Architect - Professional > Services > Flashcards

Services Flashcards

1
Q

Amazon CloudFront

A
  • Distribute metadata Service
  • Forward requests to ALB
  • with Geo-Restriction enabled it block all of the blacklisted countries
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

ALB

A
  • Invokes Lambda
    *
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Lambda@Edge

A
  • Updates Response headers
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Minimize operational complexity+ microservices that run on containers

A

AWS Elastic Beanstalk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

AWS Elastic Beanstalk

A

minimizes operational + microservices that run on containers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Automatic fail over

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

CloudWatch alarm

A
  • Can invoke lambda function
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

AWS Well-Architected Framework Pillars

Operational Excellence

A

The ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures.
There are four best practice areas and tools for operational excellence in the cloud:
Organization – AWS Cloud Compliance, AWS Trusted Advisor, AWS Organizations
Prepare – AWS Config
Operate – Amazon CloudWatch
Evolve – Amazon Elasticsearch Service
Key AWS service:
AWS CloudFormation for creating templates. (See AWS Management Tools Cheat Sheet)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

AWS Well-Architected Framework Pillars

Security

A

The ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies.
There are six best practice areas and tools for security in the cloud:
Security – AWS Shared Responsibility Model, AWS Config, AWS Trusted Advisor
Identity and Access Management – IAM, Multi-Factor Authentication, AWS Organizations
Detective Controls – AWS CloudTrail, AWS Config, Amazon GuardDuty
Infrastructure Protection – Amazon VPC, Amazon CloudFront with AWS Shield, AWS WAF
Data Protection – ELB, Amazon Elastic Block Store (Amazon EBS), Amazon S3, and Amazon Relational Database Service (Amazon RDS) encryption, Amazon Macie, AWS Key Management Service (AWS KMS)
Incident Response – IAM, Amazon CloudWatch Events
Key AWS service:
AWS Identity and Access Management (IAM)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

AWS Well-Architected Framework Pillars

Reliability

A

The ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues.
There are four best practice areas and tools for reliability in the cloud:
Foundations – IAM, Amazon VPC, AWS Trusted Advisor, AWS Shield
Change Management – AWS CloudTrail, AWS Config, Auto Scaling, Amazon CloudWatch
Failure Management – AWS CloudFormation, Amazon S3, AWS KMS, Amazon Glacier
Workload Architecture – AWS SDK, AWS Lambda
Key AWS service:
Amazon CloudWatch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

AWS Well-Architected Framework Pillars

Performance Efficiency

A

The ability to use computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve.
There are four best practice areas for performance efficiency in the cloud:
Selection – Auto Scaling for Compute, Amazon EBS and S3 for Storage, Amazon RDS and DynamoDB for Database, Route53, VPC, and AWS Direct Connect for Network
Review – AWS Blog and What’s New section of the website
Monitoring – Amazon CloudWatch
Tradeoffs – Amazon Elasticache, Amazon CloudFront, AWS Snowball, Amazon RDS read replicas.
Key AWS service:
Amazon CloudWatch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

AWS Well-Architected Framework Pillars

Cost Optimization

A

The ability to avoid or eliminate unneeded cost or suboptimal resources.
There are five best practice areas and tools for cost optimization in the cloud:
Cloud Financial Management – Amazon QuickSight, AWS Cost and Usage Report (CUR)
Cost-Effective Resources – Cost Explorer, Amazon CloudWatch and Trusted Advisor, Amazon Aurora for RDS, AWS Direct Connect with Amazon CloudFront
Matching supply and demand – Auto Scaling
Expenditure Awareness – AWS Cost Explorer, AWS Budgets
Optimizing Over Time – AWS News Blog and the What’s New section on the AWS website, AWS Trusted Advisor
Key AWS service:
Cost Explorer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

AWS Well-Architected Framework Pillars

Sustainability

A

The ability to increase efficiency across all components of a workload by maximizing the benefits from the provisioned resources.
There are six best practice areas for sustainability in the cloud:
Region Selection – AWS Global Infrastructure
User Behavior Patterns – Auto Scaling, Elastic Load Balancing
Software and Architecture Patterns – AWS Design Principles
Data Patterns – Amazon EBS, Amazon EFS, Amazon FSx, Amazon S3
Hardware Patterns – Amazon EC2, AWS Elastic Beanstalk
Development and Deployment Process – AWS CloudFormation
Key AWS service:
Amazon EC2 Auto Scaling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Amazon Kinesis Data Streams

A

Enables you to build custom applications that process or analyze streaming data for specialized needs.
Cannot access S3 directly without using any other service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Amazon Kinesis Data Firehose

A

It is the easiest way to load streaming data into data stores and analytics tools. It can capture, transform, and load streaming data into Amazon S3, Amazon Redshift, Amazon Elasticsearch Service, and Splunk, enabling near real-time analytics with existing business intelligence tools and dashboards you’re already using today. It is a fully managed service that automatically scales to match your data’s throughput and requires no ongoing administration. It can also batch, compress, and encrypt the data before loading it, minimizing the storage used at the destination and increasing security. With the Firehose data transformation feature, you can now specify a Lambda function that can perform transformations directly on the stream when you create a delivery stream.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

AWS SCT

A

Agent to extract data from your on-premises data warehouse and migrate it to Amazon Redshift.

17
Q

AWS Snowball Edge

A

Device can hold up to 100 TB of data. It uses 256-bit encryption and an industry-standard Trusted Platform Module (TPM) to ensure both security and full chain-of-custody for your data. AWS SCT works with AWS Snowball Edge devices.

18
Q

In what contexts are Signed URLs commonly used in cloud services like Amazon S3?

A

Signed URLs are commonly used in cloud services like Amazon S3 to grant temporary access to private objects, allowing users or applications to download or view the objects for a limited duration.

19
Q

Field-level encryption

A

Adds an additional layer of security, along with HTTPS, that lets you protect specific data throughout system processing so that only certain applications can see it.

20
Q

AWS Resource Access Manager (AWS RAM) .

A

Enables you to share specified AWS resources that you own with other AWS accounts. To enable trusted access with AWS Organizations:

From the AWS RAM CLI, use the enable-sharing-with-aws-organizations command.
Name of the IAM service-linked role that can be created in accounts when trusted access is enabled:

21
Q

AWS Secrets Manager

A

It is a secrets management service that helps you protect access to your applications, services, and IT resources. This service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Using Secrets Manager, you can secure and manage secrets used to access resources in the AWS Cloud, on third-party services, and on-premises.

If you want a single store for configuration and secrets, you can use Parameter Store. If you want a dedicated secrets store with lifecycle management, use Secrets Manager.

22
Q

AKS

A

Kubernetes doesn’t natively support the automatic rotation of secrets.

23
Q

Amazon Rekognition

A

It can store information about detected faces in server-side containers known as collections.

24
Q

AWS Direct Connect

A

It is a cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS to achieve higher privacy benefits, additional data transfer bandwidth, and more predictable data transfer performance. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacenter, office, or colocation environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connection

25
Q

High Availability

A
  • Amazon EC2 Auto Scaling group should be created to add and remove instances across multiple Availability Zones.
26
Q

Not Cost Effective

A
  1. EC2
  2. ELB
  3. DynamoDB
27
Q

Cost Effective

A
  1. S3
  2. AWS Lambda
28
Q

Elastic Block Store (EBS)

A
  1. Block Storage
  2. Not distributed and fault tolerant
29
Q

Least Operational Overhead

A

Cloud Front

30
Q

Amazon EFS

A

AWS Solutions Architect - Professional (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions