Services

Question 1

How are Linux EC2 instances billed?

Answer 1

billed per second.
1 minute minimum

https://aws.amazon.com/blogs/aws/new-per-second-billing-for-ec2-instances-and-ebs-volumes/

Question 2

What is Amazon Macie?

Answer 2

a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS.

Question 3

What is AWS Glue?

Answer 3

AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics. AWS Glue job is meant to be used for batch ETL data processing.

Question 4

What is Amazon Polly?

Answer 4

Amazon Polly is a service that turns text into lifelike speech

Question 5

What is AWS Secrets Manager?

Answer 5

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

Question 6

What is the AWS Marketplace?

Answer 6

AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS. The AWS Marketplace enables qualified partners to market and sell their software to AWS Customers.

AWS Marketplace offers two ways for sellers to deliver software to customers: Amazon Machine Image (AMI) and Software as a Service (SaaS).

https://aws.amazon.com/partners/aws-marketplace/

Question 7

AWS CloudFormation

Answer 7

…provides a common language to model and provision AWS and third-party application resources in your cloud environment.

…allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all Regions and accounts

Question 8

AWS Database Migration Service

Answer 8

AWS DMS helps users migrate databases to AWS quickly and securely. The source database remains
fully operational during the migration, minimizing downtime to applications that rely on the database. AWS DMS can migrate data to and from most widely used commercial and open-source databases.

Question 9

Amazon VPC

Answer 9

Amazon Virtual Private Cloud lets users provision a logically isolated section of the AWS Cloud where users can launch AWS resources in a virtual network that they define.

Question 10

Amazon CloudFront

Answer 10

To deliver content to users with lower latency, Amazon CloudFront uses a global network of points of
presence (edge locations and regional edge caches) worldwide

Question 11

AWS CloudTrail

Answer 11

AWS CloudTrail helps users enable governance, compliance, and operational and risk auditing of their
AWS accounts. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface (CLI), and AWS SDKs and APIs.

Question 12

AWS OpsWorks

Answer 12

AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet.

Question 13

AWS CodeDeploy

Answer 13

AWS CodeDeploy is a service that automates code deployments to any instance, including EC2 instances and instances running on premises

Question 14

AWS Trusted Advisor

Answer 14

AWS Trusted Advisor is an online tool that provides you real-time guidance to help you provision your resources following AWS best practices on cost optimization, security, fault tolerance, service limits, and performance improvement.

Question 15

Storage Classes

Answer 15

S3 Standards
S3 Intelligent-Tiering
S3 Standard-IA
S3 One Zone-IA
S3 Glacier
S3 Glacier Deep Archive
S3 Outposts
https://aws.amazon.com/s3/storage-classes/

Question 16

AWS Budgets

Answer 16

AWS Budgets gives the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount. You can also use AWS Budgets to set reservation utilization or coverage targets and receive alerts when your utilization drops below the threshold you define.

Question 17

List AWS Support Plans

Answer 17

Developer
Business
Enterprise

Question 18

What is available with the Developer Support Plan

Answer 18

• Trusted Advisor 7 core checks
• email Tech support during business hours
• response < 24 hrs or <12 hrs for system impaired

Question 19

What is available with the Business Support Plan

Answer 19

Developer support plan plus,
+ Trusted Advisor full set of checks
+ email, phone, & chat 24x7 support
+ response general < 24hr, system impaired < 12 hrs, production system impaired < 4 hrs, production down < 1 hr

Question 20

What is available with Enterprise Support Plan

Answer 20

Business support plan plus,
\+ response Business-critical system down < 15 min
\+ Technical Account Manager
\+ online self-paced labs
\+ Concierge Support team

Question 21

Vertical Scaling

Answer 21

Vertical Scaling is adding more resources (like CPU, RAM) to a single node or machine. Example- Resizing an instance of EC2.

Question 22

Horizontal Scaling

Answer 22

A “horizontally scalable” system is one that can increase capacity by adding more computers to the system.

Question 23

Cost Explorer

Answer 23

AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. AWS Cost Explorer includes a default report that helps you visualize the costs and usage associated with your top five cost-accruing AWS services, and gives you a detailed breakdown of all services in the table view.

Question 24

What are some advantages of Cloud Computing

Answer 24

+Trade capital expense for variable expense
+Benefit from massive economies of scale
+Stop guessing at capacity
+Increase speed and agility
+Stop spending money running and maintaining data centers
+Go global in minutes

Question 25

AWS Artifact

Answer 25

AWS Artifact is your central resource for compliance-related information

Question 26

EFS

Answer 26

Elastic File System is a network storage that can be concurrently-accessible for up to thousands of Amazon EC2 instances across multiple Availability zones.

Question 27

AWS CloudHSM

Answer 27

AWS CloudHSM is a cloud-based Hardware Security Module (HSM) that enables you to easily generate and use your encryption keys on the AWS Cloud.

Question 28

Network Load Balancer

Answer 28

distributes TCP/UDP & TLS traffic, does not scale resources.

Question 29

Auto Scaling

Answer 29

Auto Scaling automatically adds or removes EC2 instances based on demand. It helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application.

Question 30

Amazon Inspector

Answer 30

inspects EC2 instances for security issues such as operating system patches, known vulnerabilities, and common issues.
https://aws.amazon.com/inspector/

Question 31

AWS Systems Manager

Answer 31

Systems Manager allows you to group resources, like Amazon EC2 instances, Amazon EKS clusters, Amazon S3 buckets, or Amazon RDS instances, by application, view operational data for monitoring and troubleshooting, implement pre-approved change work flows, and audit operational changes for your groups of resources

Question 32

AWS X-Ray

Answer 32

You can use AWS X-Ray to analyze and debug serverless and distributed applications such as those built using a microservices architecture.

Question 33

AWS Elastic Beanstalk

Answer 33

AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services

you retain full control over the AWS resources powering your application and can access the underlying resources at any time.

There is no additional charge for Elastic Beanstalk

Question 34

AWS Storage Gateway

Answer 34

AWS Storage Gateway is a hybrid cloud storage service that connects your existing on-premises environments with the AWS Cloud.

Question 35

AWS Direct Connect

Answer 35

a physical dedicated private connection from a remote network to your VPC.

takes a month to establish

Question 36

AWS Service Health Dashboard

Answer 36

AWS Service Health Dashboard publishes most up-to-the-minute information on the status and availability of all AWS services

Question 37

EFS stands for

Answer 37

Elastic File System

Question 38

Where can an EFS be used?

Answer 38

AWS Cloud Services

On premises

Question 39

How large can EFS storage scale?

Answer 39

can easily scale to petabytes of data.

Question 40

Where can an EFS be mounted?

Answer 40

EFS file system can be mounted on instances across multiple Availability Zones.

Question 41

Where can an EBS be mounted?

Answer 41

EBS volume can be mounted to a single instance in the same Availability Zone.

Question 42

Which AWS Support plans provide access to guidance, configuration, and troubleshooting of AWS interoperability with third-party software?

Answer 42

Business and Enterprise

Question 43

Which service allows you to automate the evaluation of recorded configurations against desired configurations.?

Answer 43

AWS Config

Question 44

Which service continuously monitors and records your AWS resource configurations?

Answer 44

AWS Config

Question 45

Which service enables governance, compliance, operational auditing, and risk auditing of your AWS account?

Answer 45

AWS CloudTrail

Question 46

Which service can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure?

Answer 46

AWS CloudTrail

Question 47

Which service provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command-line tools, and other AWS services.

Answer 47

CloudTrail

Question 48

Which service provides data and actionable insights to monitor applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

Answer 48

CloudWatch

Question 49

Which service provides real-time guidance to help you provision your resources following AWS best practices on cost optimization, security, fault tolerance, service limits, and performance improvement.

Answer 49

AWS Trusted Advisor

Question 50

Which service monitors malicious activity and unauthorized behavior to protect your AWS account?

Answer 50

GuardDuty

Question 51

Which service analyzes billions of events across your AWS accounts from AWS CloudTrail (AWS user and API activity in your accounts), Amazon VPC Flow Logs (network traffic data), and DNS Logs (name query patterns).

Answer 51

GuardDuty

Question 52

Note differences between Dedicated Hosts and Dedicated Instances.

Answer 52

Host provides visibility of sockets, cores, and host ids
Host provides visibility and control over how instances are physically placed in a server

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html

Question 53

Which storage type is located on disks that are physically attached to the host computer.

Answer 53

Instance Store

Question 54

Which storage type is good option when you need storage with very low latency, but you don’t need the data to persist when the instance terminates

Answer 54

Instance Store

Question 55

Which service provides a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications.

Answer 55

Amazon Simple Notification Service (SNS)

Question 56

With this service, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available.

Answer 56

Amazon Simple Queue Service (SQS)

Question 57

Which service is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications.

Answer 57

Amazon Simple Queue Service (SQS)

Question 58

Which service automates application deployments to Amazon EC2 instances, on-premises instances, serverless Lambda functions, or Amazon ECS services?

Answer 58

CodeDeploy

Question 59

Which organization is a global team of experts that can help you realize your desired business outcomes when using the AWS Cloud.

Answer 59

AWS Professional Services

Question 60

a solution that helps customers more quickly set up a secure, multi-account AWS environment based on AWS best practices.

Answer 60

AWS Landing Zone

Question 61

This service lets you coordinate multiple AWS services into serverless workflows.

Answer 61

AWS Step Function

Question 62

These are Compute Serverless Services

Answer 62

Lambda

Fargate

Question 63

Serverless services for Application Integration

Answer 63

Eventbridge
Step Functions
SQS
SNS
API Gateway
AppSync

Question 64

Serverless data storage

Answer 64

S3
DynamoDB
Aurora
RDS Proxy

Question 65

Hows long does it take to setup an AWS Direct Connection?

Answer 65

at least 1 month

Question 66

What 2 purposes does an internet gateway serve?

Answer 66

+ provide a target in your VPC route tables for internet-routable traffic.
+ perform network address translation for instances.

Question 67

On the OSI internet model what is available on layer 7?

Answer 67

The application layer, which includes HTTP and HTTPS requests.

Question 68

The transport layer includes these protocols

Answer 68

TCP, UDP

Question 69

In the OSI model what is layer 4?

Answer 69

The transport layer (TCP, UDP)

Question 70

In the OSI model what is layer 3?

Answer 70

The network layer.

This layer decides which physical path data will take when it moves on the network.

Question 71

AWS Shield offers protection at which network layer

Answer 71

Layer 3, the network layer
&
Layer 4, The transport layer

Question 72

Which is considered the transport layer

Answer 72

Layer 4

Question 73

What percent of durability does Amazon S3 offer?

Answer 73

99.999999999% (11 9’s)

Question 74

What is the cost for transferring data between AWS services within a region?

Answer 74

data transfer between AWS services within the same region is not charged

Question 75

What is the max % discount of a Reserved EC2 instance vs an on-demand EC2 instance?

Answer 75

75%

Question 76

What is the max % discount of a Spot EC2 instance vs an on-demand EC2 instance?

Answer 76

90%

Question 77

AWS Budgets gives you the ability to set reservation alerts for which services?

Answer 77

EC2, 
RDS, 
Redshift, 
ElastiCache, 
Elasticsearch

Question 78

Which service allows you to set reservation utilization or coverage targets and receive alerts when your utilization drops below the threshold you define.

Answer 78

AWS Budgets

Question 79

Which service provides an estimate of usage charges for AWS services?

Answer 79

Simple Monthly Calculator

Question 80

Infastructure as a Service (IaaS) provides access to

Answer 80

networking features, computers, and data storage space.

Question 81

Platform as a Service (PaaS) example

Answer 81

AWS Beanstalk

Question 82

AWS will provide Interoperability and configuration guidance and troubleshooting for 3rd party software for which support plan(s)

Answer 82

Business & Enterprise

Question 83

two types of VPC endpoints

Answer 83

interface endpoints

gateway endpoints

Question 84

define an interface endpoint

Answer 84

an elastic network interface with a private IP address from the IP address range of your subnet that serves as an entry point for traffic destined to a supported service.

Question 85

define a gateway endpoint

Answer 85

a gateway that you specify as a target for a route in your route table for traffic destined to a supported AWS service.

Question 86

Which AWS services support VPC gateway endpoints?

Answer 86

Amazon S3

DynamoDB

Question 87

Which layers does AWS Shield Advanced includes intelligent DDoS attack detection and mitigation for?

Answer 87

Layer 3 (Network)
Layer 4 (Transport)
Layer 7 (Application)

Question 88

AWS Shield Advanced provides expanded DDoS attack protection for web applications running on which resources?

Answer 88

EC2
ELB
CloudFront
Route53
Global Accelerator

Question 89

Which support plan(s) offer a response to an impaired system of 12 hrs

Answer 89

Developer
Business
Enterprise

Question 90

Which support plan(s) offer a response time of 15 min for business-critical system down?

Answer 90

Enterprise

Question 91

Which support plan(s) offer a response time of 4 hrs for an impaired production system.

Answer 91

Business

Enterprise

Question 92

Which support plan(s) offer AWS Support API?

Answer 92

Business

Enterprise

Question 93

Which support plan(s) offer Infrastructure Event Managment

Answer 93

Business - for fee

Enterprise - for free

Question 94

What are the available EC2 instance types?

Answer 94

On-demand
Reserved
Spot Instances
Dedicated Hosts

Question 95

Which type of EC2 instance offers up to 75% savings over on-demand instances?

Answer 95

Reserved Instances

Question 96

Which type of EC2 instance offers up to 90% savings over on-demand instances?

Answer 96

Spot Instances

Question 97

This type of EC2 instances is most useful for workloads that are resilient to failure. Such as, Batch jobs, data analysis, image processing, distributed workloads, workloads with flexible start/stop times.

Answer 97

EC2 Spot Instances

Question 98

What are examples of workloads that are resilient to failure?

Answer 98

Batch jobs, 
data analysis, 
image processing, 
distributed workloads, 
workloads with flexible start/stop times.

Question 99

Which type of EC2 instance is a physical server?

Answer 99

Dedicated Host

Question 100

When is an EC2 dedicated host useful?

Answer 100

address compliance issues

utilize existing server-bound software license

Question 101

Which type of EC2 instance utilizes hardware dedicated to your account alone, but may share the hardware with other instance in your account

Answer 101

Dedicated Instance

Question 102

What is meant by a services elasticity?

Answer 102

The ability of the service to scale up and down based on demand

Question 103

What are the 3 types of Elastic Load Balancers and what Layer do they support?

Answer 103

• Application LB (HTTP - Layer 7)
• Network LB (TCP - Layer 4)
• Classic LB (old)

Question 104

Which AWS service is a fully-managed petabyte-scale cloud-based data warehouse product designed for large scale data set storage and analysis?

Answer 104

Redshift

Question 105

Which service automatically assesses applications for exposure, vulnerabilities, and deviations from best practices?

Answer 105

Amazon Inspector

Question 106

____________ is an automated security assessment service that helps improve the security and compliance of applications deployed on your Amazon EC2 instances.

Answer 106

Amazon Inspector

Question 107

____________ is a threat detection service that monitors malicious activity and unauthorized behavior to protect your AWS account.

Answer 107

Amazon GuardDuty

Question 108

Which service analyzes billions of events across your AWS accounts from AWS CloudTrail, Amazon VPC Flow Logs, and DNS Logs?

Answer 108

Amazon GuardDuty

Question 109

___________ is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS.

Answer 109

AWS Shield

Question 110

________________ provides a unified user interface so you can view operational data from multiple AWS services and allows you to automate operational tasks across your AWS resources

Answer 110

AWS Systems Manager

Question 111

Which service gives you visibility and control of your infrastructure on AWS?

Answer 111

AWS Systems Manager

Question 112

Sort in order of size:
Data centers,
Regions,
Availability Zones

Answer 112

Regions - consists of multiple isolated AZs
AZ - is a group of Data Centers
Data Centers

Question 113

What is AWS Wavelength?

Answer 113

AWS infrastructure deployments that embed AWS compute and storage services at the edge of the 5G networks.

Question 114

How many Regions, Availability Zones and Points of Presence exist?

Answer 114

24 Regions,
77 AZs,
220+ Points of Presence

Question 115

These services support reservations:

Answer 115

EC2,
DynamoDB,
ElastiCache,
RDS,
Redshift

Question 116

________ provides an event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command-line tools, and other AWS services.

Answer 116

CloudTrail

Question 117

Which service enables you to assess, audit, and evaluate the configurations of your AWS resources?

Answer 117

AWS Config

Question 118

_________ provides data and actionable insights to monitor applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

Answer 118

CloudWatch

Question 119

_________ is an online tool that provides you real-time guidance to help you provision your resources following AWS best practices on cost optimization, security, fault tolerance, service limits and performance improvement.

Answer 119

AWS Trusted Advisor

Question 120

Which service includes performance monitoring, events, and alerts;

Answer 120

CloudWatch.

Question 121

Which service provides account-specific activity and audit?

Answer 121

CloudTrail

Question 122

Which service provides resource-specific change history, audit, and compliance?

Answer 122

Config

Question 123

Which services have encryption enabled by default?

Answer 123

Cloudtrail Logs
Storage Gateway
S3 Glacier

Question 124

Use ________________ to store, rotate, monitor, and control access to secrets such as database credentials, API keys, and OAuth tokens.

Answer 124

Secrets Manager

Question 125

What does the Network ACL (NACL) protect?

Answer 125

a VPC subnet

Question 126

What does a Security group protect

Answer 126

ENI or EC2

Question 127

This firewall can have Allow and Deny rules

Answer 127

Network ACL

Question 128

This firewall for EC2s can only have Allow rules

Answer 128

Security Group

Question 129

A Network ACL can have (Allow/Deny/Both) rules

Answer 129

Both, Allow and Deny