TD Exam 4 - Short review

Question 1

Does SNS prevent duplication, loss and maintain order by default?

Answer 1

No

Question 2

Can SNS handle thousands of messages a day

Answer 2

Maybe not

Question 3

Is Kinesis Data Stream appropriate for thousands of messages a day that need to be sent to EMR

Answer 3

Yes

Question 4

Does Kinesis Data Stream prevent duplication, loss and maintain order by default?

Answer 4

Yes

Question 5

Can you configure RAID for instance store volumes

Answer 5

Yes

Question 6

Can you configure RAID for EBS volumes

Answer 6

Yes

Question 7

What is RAID 0

Answer 7

Use data stripping to have better performance
Distributes I/O across volumes in a tripe
If you add a volume, you get straight addition of throughput and IOPS

Question 8

Can an instance have multiple instance stores

Answer 8

Yes

Question 9

What is RAID 1

Answer 9

It is used for data mirroring

Question 10

What is ACID

Answer 10

Provides consistency

Question 11

What is BASE

Answer 11

Provides HA

Question 12

Which replication type in RDS supports ACID

Answer 12

REad-replica can support it

Question 13

What is Amazon Elastic MapReduce

Answer 13

Amazon EMR

Question 14

What is needed to ensure all objects uploaded to an S3 bucket can read publicly all over the internet

Answer 14

Configure S3 bucket policy to set all objects to public read
Grant public read access to the object when uploading it using S3 Console

Question 15

What does CORS do in an S3 bucket

Answer 15

Allows objects from one domain to be loaded and accessible ro a different domain

Question 16

Can you configure an S3 bucket policy to set all objects to public read

Answer 16

Yes, or set permission during upload for a specific object

Question 17

Where is instance type configured for an auto-scaling group

Answer 17

In launch template

Question 18

Do you need to create a new version of a launch template to change instance type

Answer 18

Yes, templates can’t be modified unless you create a new version

Question 19

Are you restricted to us-east-1 when requesting public certificates with ACM

Answer 19

No

Question 20

What is Redshift spectrum

Answer 20

It allows you to directly run SQL queries against unstructured data in S3

Question 21

When do instances have associated DNS hostnames

Answer 21

When DNS resolution and DNS hostname are enabled in VPC configuration

Question 22

What is Glacier Vault

Answer 22

A container for storing archives
There is such a thing as Vault Policies and Vault Lock for WORM compliance

Question 23

Does AWS SSO require SAML compatibility

Answer 23

Yes

Question 24

What is Requester Pays

Answer 24

Requester of S3 pays for access

Question 25

Does Requester Pays disable anonymous access

Answer 25

Yes, automatically

Question 26

What are the enhanced monitoring metrics in RDS

Answer 26

Includes RDS processes OS processes

Question 27

What does RDS enhanced monitoring do

Answer 27

Add an agent on the instance

Question 28

What is freeable memory in RDS

Answer 28

How much ram is available on the instance

Question 29

What are some metrics available by default with RDS

Answer 29

CPU Utilization Database Connections Freeable memory

Question 30

What is queue length for Provisioned IOPS volumes

Answer 30

Length of waiting operations

Question 31

What is the maximum ratio of IOPS to requested volume size

Answer 31

50:1

Question 32

What is the max IOPS for provisioned IOPS io1

Answer 32

64k iops

Question 33

What is the maximum IO size for io1 volume at 32k IOPS

Answer 33

256 kiB

Question 34

What impact does volume size have on IOPS queue length and value

Answer 34

More GB = Better IOPS = lower queue length

Question 35

What is IOPS volume queue

Answer 35

number of pending IO requests for a device

Question 36

What queue length should you want for a latency-sensitive app

Answer 36

Low queue length

Question 37

What is Amazon Application Discovery

Answer 37

Used to track the migration status of your applications from the Migration Hub console

Question 38

What is the best way to do VM lift and shift

Answer 38

AWS Application Migration Service

Question 39

What is the order or a resource dclaraiton in CloudFormation

Answer 39

region:account:service:service id

Question 40

Can you automate promotion of an RDS read replica (automatic failover)

Answer 40

No

Question 41

How can you ensure Redshift has continuity even if there is a region-wide failure

Answer 41

Enable Cross-Region snapshots in the cluster

Question 42

What kind of resilience does redshift have by default

Answer 42

AZ, but can have multi-AZ deployment

Question 43

What is an advantage of taking a snapshot and terminating an RDS instance vs stopping it

Answer 43

A stopped RDS instance still incurs cost of its storage

Question 44

Can Cloudwatch alarms restart EC2 instances by themselves

Answer 44

Yes, using cloudwatch alarm actions

Question 45

What are Flow logs

Answer 45

They are used in VPCs

Question 46

What is Kubernetes Cluster Autoscaler

Answer 46

It automatically asjusts the number of nodes in a cluster. It utilizes Auto Scaling Groups

Question 47

What is a Kubernetes Cluster Autoscaler alternative

Answer 47

Karpenter

Question 48

Is there such a thing as Spot storage in EBS

Answer 48

No

Question 49

What is ElastiCache

Answer 49

In-memory database, memcached or redis

Question 50

Is there a managed config rule to check IAM user access key rotation

Answer 50

Yes

Question 51

If you add a new domain to an ALB and want to redirect http traffic to https for that traffic only, do you need to create a new listener or a new ALB

Answer 51

No, there can only be one listener on a specific port per ALB

Question 52

Where can you get information about upcoming AWS events

Answer 52

AWS Personal Health Dashbord

Question 53

What is the metadata endpoint for EC2 instances

Answer 53

http://169.254.169.254/latest/meta-data/

Question 54

What is user data vs metadata at 169.254.169.254

Answer 54

Metadata is information about the instance User data is specified by user at isntance launch

Question 55

How does AWS License Manager work

Answer 55

Makes it easier to centrally manage licenases from vendors

Question 56

How can you force encryption for objects in an S3 bucket

Answer 56

Yes, by requiring the appropriate header

Question 57

Can you enforce header rules on S3 bucket policies

Answer 57

Yes, that is how you enforce encryption

Question 58

What algorithm is used when using S3 SSE

Answer 58

AES-256

Question 59

Does KMS use AES 256 for S3

Answer 59

No

Question 60

What are the different types of instances (in terms of optimized)

Question 61

Is Comprehend Medical a thing

Answer 61

Yes, t is made specifically for Medical information from unstructured text

Question 62

Is Textract Medical a thing

Answer 62

Yes, but it is not enoughto identif PHI in pdfs

Question 63

Textract vs Comprehend

Answer 63

Textract : extract text from pdf and such Comprehend: analyze text

Question 64

Does Textract have PII redaction

Answer 64

Yes, but it is not suitable for PHI

Question 65

What is Well-Architected tool

Answer 65

Automatically monitor workload status, conduct architectural reviews and check for AWS best practices

Question 66

What is Elastic Fabric Adapter

Answer 66

A network device you attach to your EC2 instance to accelerate HPC

Question 67

What is Elastic Network Adapter

Answer 67

It does not have os-bypass capacity like EFA

Question 68

How do you grant access to CF to S3 bucket that is not public

Answer 68

Origin Access Identity

Question 69

Does AWS SSO require SAML 2.0

Answer 69

Yes

Question 70

What should you do if your identity store is not compatible with SAML 2.0

Answer 70

Build a custom identity broker and use STS

Question 71

Where are 2 places you can upload an HTTPs certificate you got from a 3rd party

Answer 71

ACM and IAM Certificate Store

Question 72

Is S3 suitable to upload a certificate

Answer 72

No

Question 73

What is IAM certificate store

Answer 73

Lets you upload a certificate, but ACM is recommended

Question 74

What is the primary recommended service for Lift and Shift

Answer 74

AWS Application Migration Service

Question 75

What is the first step for lift and shift

Answer 75

Install AWS Replication agent on source servers

Question 76

What are some characteristics of FIFO SQS queues

Answer 76

High throughput (not unlimited) Exactly-once processing FIFO delivery

Question 77

Are step functions an alternative to SQS

Answer 77

YEs

Question 78

What are some guarantees provided by Step Functions

Answer 78

Task is never duplicated and is assigned only once

Question 79

Is there such a thing as predictive scaling

Answer 79

Yes, it uses AI to predict load

Question 80

What does predictive scaling do

Answer 80

It uses machine learning to predict capacity requirements based on historical data from CloudWatch

Question 81

What EBS is the cheapest

Answer 81

Magnetic volumes

Question 82

What EBS provides storage with consistent and low-latency performance

Answer 82

Provisioned IOPS

Question 83

What EBS volumes support multi-attach

Answer 83

Provisioned IOPS io2 and io1

Question 84

What OS doesnt support OS-bypasss capavility of EFA

Answer 84

Windows

Question 85

What happens if you attach EFA to windows instance

Answer 85

It acts like an Elastic Network Interface, no OS bypass feature

Question 86

What is ENA

Answer 86

Provides traditional IP networking features

Question 87

What is AWS Compute Optimizer

Answer 87

Helps you identify optimal resource configuration, like Lmambda memory size, EC2 instance type, etc

Question 88

What is the only way to have automatic failover with RDS

Answer 88

Multi-AZ deployment

Question 89

Can you enforce license limits in AWS Licnse Manager

Answer 89

Yes