Slides

Question 1

How do you look into IAM permissions

Answer 1

IAM credential report (account level)

IAM access advisor (user level)

Question 2

How do you distribute secured S3 content globally

Answer 2

CloudFront signed URLs

Question 3

Access multiple files from CloudFront

Answer 3

CloudFront signed cookies

Question 4

DynamoDB Streams

Answer 4

Allows to create a change log

Question 5

AWS X-ray

Answer 5

analyze an application and its underlying services
to identify and troubleshoot performance issues
you can use X-ray across accounts

Question 6

CloudWatch Events

Answer 6

near real-time stream of system events in AWS resources

cannot be used across accounts

Question 7

IAM role

Answer 7

an IAM User in the same account
an IAM User in a different account
an AWS webservice
an external user authenticated by SAML

Question 8

Which services can buffer requests

Answer 8

SQS
AWS Gateway API
Kinesis

but not Elastic Load Balancer, nor SNS, nor Lambda

Question 9

Which services allow caching

Answer 9

ElastiCache
DAX
CloudFront
Route53
Greengrass

Question 10

AWS Resource Access Manager

Answer 10

share resources across accounts (VPC subnets, Licenses, Aurora,…)

Question 11

NAT Instance

Answer 11

Support port forwarding
Can be attached to a security group
Can be used as a bastion server

Question 12

EBS Snapshots

Answer 12

All encrypted by default
Data between Instance and EBS is encrypted
Data at rest in encrypted