Study

Question 1

a piece of software that makes itself available over the internet and uses standardized format for request and response of an API interaction

Answer 1

web service

Question 2

what are three ways to interact with AWS?

Answer 2

AWS Management Console
Command Line Interface
Software Development Kits (SDKs)

Question 3

six perspectives of AWS Cloud Adoption Framework (AWS CAF)

Answer 3

business, people, governance, platform, security, operations

Question 4

describe compute pricing

Answer 4

charged per hour/second (Linux only); varies by instance type

Question 5

describe Storage pricing

Answer 5

charged per GB

Question 6

describe Data Transfer pricing

Answer 6

outbound is aggregated and charged; inbound usually has no charge; usually charged per GB

Question 7

how long does free tier stay free?

Answer 7

1 year

Question 8

what are 5 free AWS services?

Answer 8

• Amazon VPC
• Elastic Beanstalk
• Auto Scaling
• AWS CloudFormation
• AWS Identity and Access Management (IAM)

Question 9

what are 4 considerations when determining Total Cost of Ownership (TCO)?

Answer 9

1. server costs
2. storage costs
3. network costs
4. IT labor costs

Question 10

AWS tool that lets you estimate monthly costs, identify opportunities to reduce costs, model solutions, explore price points, find available instance types, name estimates and create name groups of services

Answer 10

AWS Pricing Calculator

Question 11

AWS feature that consolidates different accounts into a tree

Answer 11

AWS Organizations

Question 12

rules that allow or deny access to AWS services for individuals in an organization unit (OU)

Answer 12

SCP (Service Control Policies)

Question 13

true or false: there is no limit on the number of OU (organization units) you can have

Answer 13

false

Question 14

tech support service for proactive guidance

Answer 14

Technical Account Manager (TAM)

Question 15

tech support service for best practices

Answer 15

AWS Trusted Advisor

Question 16

tech support service for account assistance

Answer 16

AWS Support Concierge

Question 17

list the 4 tech support plans and the case severity they support

Answer 17

Basic - NO case support
Developer - normal and low
Business - urgent, high, normal, low
Enterprise - critical, urgent, high, normal, low (all)

Question 18

what 3 elements can AWS infrastructure be broken into?

Answer 18

regions, availability zones, and points of presence

Question 19

what are the 4 steps to securing a new account?

Answer 19

1. Stop using root (and delete root user access keys)
2. Enable MFA
3. Use AWS CloudTrail to track user activity
4. Enable a billing report

Question 20

service that provides managed DDoS protection

Answer 20

AWS Shield

Question 21

a resource for compliance related info, where you can access security and compliance reports through the management console

Answer 21

Artifact

Question 22

3 steps for making your VPC architecture secure

Answer 22

• isolate subnets if possible
• choose appropriate gateway device or VPN connection for your needs
• use firewalls

Question 23

a highly available and scalable DNS web service

Answer 23

Route 53

Question 24

globally distributed system of caching servers

Answer 24

Content Delivery Network (CDN)

Question 25

9 key decisions when creating an EC2 instance

Answer 25

1. Select an AMI
2. Select an instance type
3. Specify network settings
4. Specify IAM role
5. Specify user data script (optional)
6. Specify storage
7. Add tags
8. Specify security group settings
9. Identify or create the key pair

Question 26

software platform that lets you run containers created from an image

Answer 26

Docker

Question 27

AWS service for container management

Answer 27

EC2

Question 28

open source software for container orchestration that complements Docker

Answer 28

Kubernetes

Question 29

Amazon service that enables running Kubernetes on AWS

Answer 29

Amazon Elastic Kubernetes Service (EKS)

Question 30

fully managed Docker container registry where you can store, manage, and deploy Docker container images

Answer 30

Amazon Elastic Container Registry (ECR)

Question 31

AWS service for serverless, event-driven computing

Answer 31

Lambda

Question 32

max memory allocation for a single Lambda function

Answer 32

3,008 MB

Question 33

max execution time for a Lambda function

Answer 33

15 minutes

Question 34

AWS service for easy deployment of web applications

Answer 34

Elastic Beanstalk

Question 35

a file storage service for use with Amazon EC2. It provides a file system interface, file system access semantics, and concurrently-accessible storage for up to thousands of Amazon EC2 instances

Answer 35

EFS (Elastic File System)

Question 36

what do you need to access AWS resources programmatically?

Answer 36

Access Key ID and Secret Access Key

Question 37

instance type that lets you take advantage of unused EC2 capacity in the AWS cloud, available at up to a 90% discount compared to On-Demand prices. You can use them for various stateless, fault-tolerant, or flexible applications such as big data, containerized workloads, CI/CD, web servers, high-performance computing (HPC), and other test & development workloads

Answer 37

Spot Instances

Question 38

support type where you have production workloads on AWS and want 24x7 phone, email and chat access to technical support and architectural guidance in the context of your specific use-cases. You get full access to AWS Trusted Advisor Best Practice Checks. Also, you get access to Infrastructure Event Management for an additional fee

Answer 38

Business Support

Question 39

Which two AWS services can be used to decouple components of a microservices based application on AWS Cloud

Answer 39

SNS and SQS

Question 40

what AWS service adds user sign-up, sign-in access control to web and mobile apps?

Answer 40

Cognito

Question 41

AWS feature that lets you explore AWS services and create an estimate for the cost of your use cases on AWS

Answer 41

AWS Pricing Calculator

Question 42

support that includes concierge-like service where the main focus is on helping the customer achieve their outcomes and find success in the cloud. You get access to online training with self-paced labs, 24x7 technical support from high-quality engineers, tools and technology to automatically manage the health of your environment, consultative architectural guidance, a designated Technical Account Manager (TAM) to coordinate access to proactive/preventative programs and AWS subject matter experts

Answer 42

Enterprise Support

Question 43

AWS service that lets you run code without provisioning or managing servers. You pay only for the compute time you consume and can run code for virtually any type of application or backend service - all with zero administration

Answer 43

Lambda

Question 44

Fill in the blank: _____ volume can be attached to a single instance in the same Availability Zone whereas ____ file system can be mounted on instances across multiple Availability Zones

Answer 44

EBS Volume
EFS file system

Question 45

a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS

Answer 45

Macie

Question 46

central resource for compliance-related information that matters to your organization. It provides on-demand access to AWS’ security and compliance reports and select online agreements

Answer 46

AWS Artifact

Question 47

professional services firms that help customers of all types and sizes design, architect, build, migrate, and manage their workloads and applications on AWS, accelerating their migration to AWS cloud

Answer 47

APN (Amazon Partner Network) Consulting Partners

Question 48

AWS Web Application Firewall (WAF) offers protection from common web exploits at which layer?

Answer 48

Layer 7 (Application)

Question 49

a fully managed, serverless, key-value NoSQL database designed to run high-performance applications at any scale. offers built-in security, continuous backups, automated multi-region replication, in-memory caching, and data export tools

Answer 49

DynamoDB

Question 50

DynamoDB feature that replicates data automatically across your choice of AWS Regions and automatically scale capacity to accommodate your workloads

Answer 50

global tables

Question 51

Fill in the blank: Each AWS Region consists of _______ Availability Zones

Answer 51

Two or more

Question 52

Fill in the blank: Each Availability Zone (AZ) consists of ___________ discrete data centers

Answer 52

One or more

Question 53

Which two AWS services support VPC Endpoint Gateway for a private connection from a VPC?

Answer 53

S3, DynamoDB

Question 54

a physical server fully dedicated for your use, so you can help address corporate compliance requirements, and allows you to bring your own supported software licenses

Answer 54

EC2 Dedicated Host

Question 55

provides temporary block-level storage for your instance. This storage is located on disks that are physically attached to the host computer. This is a good option when you need storage with very low latency, but you don’t need the data to persist when the instance terminates or you can take advantage of fault-tolerant architectures

Answer 55

Instance Store

Question 56

In order for an account to be removed from an Organization, it must be able to ______________

Answer 56

operate as a stand alone account

Question 57

service used to analyze and debug serverless and distributed applications such as those built using a microservices architecture. You can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors.

Answer 57

X-Ray

Question 58

service that recommends optimal AWS resources for your workloads to reduce costs and improve performance by using machine learning to analyze historical utilization metrics

Answer 58

AWS Compute Optimizer

Question 59

what is the minimum time charged for Linux based EC2 instances?

Answer 59

One minute

Question 60

an automated security assessment service that helps improve the security and compliance of applications deployed on your Amazon EC2 instances

Answer 60

Amazon Inspector

Question 61

persistent block storage solution where individual storage volumes are created and attached to EC2 instances, and data is automatically replicated within an Availability Zone

Answer 61

EBS (Elastic Block Storage)

Question 62

object storage solution that uses buckets to store data redundantly in multiple Availability Zones in the same region

Answer 62

S3 (Simple Storage Solution)

Question 63

a simple, scalable, fully managed elastic network file system for use with AWS Cloud services and on-premises resources

Answer 63

EFS (Elastic File System)

Question 64

a secure, durable, and extremely low-cost Amazon S3 cloud storage class for data archiving and long-term backup

Answer 64

S3 Glacier

Question 65

container for storing archives with S3 Glacier

Answer 65

vault

Question 66

use cases for RDS

Answer 66

web/mobile apps, e-commerce, mobile/online games, complex transactions and queries

Question 67

DynamoDB operation to find an item using an attribute other than the primary key

Answer 67

scan

Question 68

a fully-managed petabyte-scale cloud-based data warehouse product designed for large scale data set storage and analysis

Answer 68

Redshift

Question 69

what are use cases for Redshift?

Answer 69

Enterprise Data Warehouses (EDW), big data, SaaS

Question 70

a fully-managed MySQL and PostgreSQL-compatible relational database built for the cloud, which automates time-consuming administration tasks like hardware provisioning, database setup, patching, and backups

Answer 70

Aurora

Question 71

five pillars of AWS Well-Architected Framework

Answer 71

• Operational excellence
• Security
• Reliability
• Performance efficiency
• Cost optimization

Question 72

the probability that your entire system will function as intended for a specified period

Answer 72

reliability

Question 73

normal operation time/total time; percentage of uptime

Answer 73

availability

Question 74

5 categories under Trusted Advisor

Answer 74

• cost optimization
• performance
• security
• fault tolerance
• service limits

Question 75

type of load balancing that is done on HTTP and HTTPS on the application layer

Answer 75

Application Load Balancer

Question 76

type of load balancing done on the transport layer where extreme performance is required

Answer 76

Network Load Balancer

Question 77

type of load balancer done on HTTP, HTTPS, TCP, and SSL traffic, as well as across EC2 instances, on the application and transport layers

Answer 77

Classic Load Balancer

Question 78

a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers. Provides data and actionable insights to monitor applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health

Answer 78

CloudWatch

Question 79

what are the 5 design principles of the Operational Excellence pillar in the Well-Architected Framework?

Answer 79

• documentation
• frequent and small changes
• operations as code
• refining procedures quickly
• anticipate system failure

Question 80

the pillar of the well-architected framework that focuses on the stability of AWS systems and their ability to support business value with long uptimes and durable systems

Answer 80

Reliability

Question 81

well-architected framework pillar that supports computing resources to maintain and meet business requirements as technologies change over time within the AWS structure

Answer 81

Performance Efficiency

Question 82

what are the 4 principles of the Performance Efficiency pillar in the well-architected framework?

Answer 82

• going global
• implementing serverless technologies
• experimenting with development
• mechanical sympathy

Question 83

total number of VPCs you can have in one region

Answer 83

5

Question 84

what should you do immediately after logging into root user for the first time?

Answer 84

enable MFA

Question 85

when using the visual editor from the IAM console to create a new IAM policy, what two components will you be prompted to provide?

Answer 85

• choose a service
• select an action

Question 86

EC2 instance purchasing option best for short, uninterrupted workloads for predictable, pay by the second pricing

Answer 86

on-demand

Question 87

EC2 instance purchasing option good for steady-state usage applications (think database), purchased for 1 or 3 years

Answer 87

reserved instance

Question 88

EC2 instance purchasing type good for long workloads where you get a discount based on long term usage and you commit to a certain usage type

Answer 88

savings plan

Question 89

EC2 instance purchasing type for short workloads that are resilient to failure and offer the biggest discount, but less reliability

Answer 89

spot instances

Question 90

EC2 instance purchasing type where you reserve an entire physical server and BYOL (bring your own license) is permitted; most expensive option

Answer 90

dedicated host

Question 91

EC2 instance purchasing option where no other customers will share your hardware

Answer 91

dedicated instance

Question 92

EC2 instance purchasing option good for short term, uninterrupted workloads in a specific AZ, where you can reserve capacity in that AZ for any duration; no time commitment, no billing discount

Answer 92

capacity reservation

Question 93

what instance type is best for the following use cases:
- diverse worloads
- web servers
- code repositories

Answer 93

general purpose

Question 94

what instance type is best for the following use cases:
- batch processing workloads
- media transcoding
- high performance web servers
- high performance computing
- scientific modeling
- machine learning
- dedicated gaming servers

Answer 94

compute optimized

Question 95

what instance type is best for the following use cases:
- high performance databases
- distributed web scale cache stores
- in-memory database optimized for BI
- applications performing real time processing of big unstructured data

Answer 95

memory optimized

Question 96

what instance type is best for the following use cases:
- high frequency online transaction processing (OLTP) systems
- relational and NoSQL databases
- cache for in-memory databases
- data warehouses
- distributed file systems

Answer 96

storage optimized

Question 97

what should be used to ensure regulatory compliance and enforce encryption of data at rest and data in transit?

Answer 97

IAM

Question 98

AWS service that provides information related to compliance in one location

Answer 98

AWS Compliance Center

Question 99

main benefit of Elastic IP address

Answer 99

ability to move network attributes from one instance to another in a single step

Question 100

instance purchasing type used for running processes in the background, batch processing, data aggregation, and non-time sensitive work

Answer 100

spot instances

Question 101

networking connection that links your on premises network to AWS network

Answer 101

AWS Direct Connect

Question 102

a set of virtual servers used in AWS to add resources in processing large amounts of data at reduced cost from within the EC2 infrastructure

Answer 102

fleet

Question 103

instance purchase type for spiky, short term, unpredictable workloads

Answer 103

on demand instances

Question 104

IAM policy type used to control and maintain a strict correlation between the principle entity and the policy itself

Answer 104

inline IAM policy

Question 105

Amazon recommends data in transit be encrypted using which two protocols?

Answer 105

SSL/TLS or IPSec ESP

Question 106

a centralized platform for data science, data analytics, and machine learning within S3

Answer 106

S3 data lake

Question 107

service used to perform hardware checks

Answer 107

Personal Health Dashboard

Question 108

max size of an object in S3

Answer 108

5 TB

Question 109

max number of objects that an S3 bucket can contain

Answer 109

infinite

Question 110

a CDN that caches copies of data around the world near customers using edge locations

Answer 110

CloudFront

Question 111

AWS service that creates a mini Region inside a company’s own data center or company building; an example of a hybrid cloud

Answer 111

AWS Outposts

Question 112

service that’s good for processing terabytes/petabytes of data, structured or unstructured

Answer 112

RedShift

Question 113

what two services does a Gateway type end point work with?

Answer 113

DynamoDB, S3

Question 114

service that connects several VPCs within an individual region

Answer 114

VPC Peering

Question 115

6 types of database instances offered by RDS

Answer 115

• Microsoft SQL Server
• MySQL
• MariaDB
• Oracle
• Amazon Aurora
• PostgreSQL

Question 116

3 customer support cases you can create with the AWS Management Console

Answer 116

• Account and billing
• Service limit increase
• Technical support