TD Exam 6

Question 1

Can SQS accept http requests directly

Answer 1

No, No, not from outside AWS

Question 2

What is on-demand capacity reservation

Answer 2

It enables you to reserve compute capacity in a specific AZ for any duration.
No commitment
Capacity available immeditaly

Question 3

Is reserved capacity automatically used by running instances

Answer 3

yes, if they match

Question 4

Does on-demand capacity reservation count with discounts fro regional reservation and SAvings plans

Answer 4

Yes if instance attributes match

Question 5

Can you reserve capacity with Regional Reserved instances

Answer 5

No

Question 6

Do you need commitment when doing on-demand capacity reservation

Answer 6

No

Question 7

Does capacity reservation provide a discount

Answer 7

No

Question 8

How much do on-demand capacity reservation cost

Answer 8

Equivalent of on-demand whether you run instances or not

Question 9

Whatg do you pay for when you run an instance that matches attributes of an on-demand reservation

Answer 9

Pay only for the instance

Question 10

Can scheduled reserved instance reserve capacity

Answer 10

Yes

Question 11

What is the term for scheduled instance reservations

Answer 11

One year

Question 12

What is AWS Elastic Disaster Recovery service (DRS)

Answer 12

Provides continuous block-level replication, recovery orchestration and automated server conversion capability

Question 13

What kin of RPO and RTO can you expect from DRS

Answer 13

RPO of seconds, RTO of 5-20 mins

Question 14

What is the max number of instances for spread placement group

Answer 14

21, 7 per AZ

Question 15

Is there a limit for number of instances cluster placement group

Answer 15

Only the normal limit of instances in your account

Question 16

What is recommended when using cluster placement group

Answer 16

Launch them all in a single request and use same instance type (size deos not matter)

Question 17

What should you do if capacity error when launching new instance in cluster placement group

Answer 17

Stop and restart the instances

Question 18

What type of replication do you get when you have Aurora Read replica in other region

Answer 18

Asynchronous less than one second

Question 19

What type of replication do you get when you have RDS MySQL Read replica in other region

Answer 19

Asynchronous, more than one second

Question 20

What should you use if you need read replica with asynchronous replication that is less than one second

Answer 20

Aurora read replica

Question 21

Does Elastic Beanstalk support containers

Answer 21

Yes

Question 22

What should you use if you want something that automatically handles load balancing, auto-scaling, monitoring, placing containers, etc

Answer 22

Elastic Beanstalk

Question 23

What is the most efficient way to copy data with database

Answer 23

Aurora Cloning

Question 24

Does Aurora serverless support cloning

Answer 24

No

Question 25

Does Aurora serverless support IAM db auth

Answer 25

No

Question 26

Does Aurora serverless support Native functions

Answer 26

No

Question 27

Does scaing support metrics like CPU Utilization for ALB

Answer 27

No

Question 28

Can you use a lambda url directly as a webhook

Answer 28

Yes

Question 29

What is ECR

Answer 29

Alternative to docker hub

Question 30

What is in a container definition

Answer 30

Image
Ports

Question 31

What is a task in ECS

Answer 31

An app, can have multiple containers
Permissions is in task definition (task role)
Also if EC2 or Fargate

Question 32

What is ECS service

Answer 32

Define how a task should scale
Can have load balancer in front of it
Configure scaling and HA

Question 33

What is in a task definition in ECS

Answer 33

Security, container(s), resources

Question 34

What is in a service in ECS

Answer 34

How many copies, HA, Restarts

Question 35

How are CloudWatch Events turned into actions

Answer 35

Using Amazon EventBridge

Question 36

What is generated for ACM certificates that are eligible for renewal

Answer 36

AWS Health events

Question 37

Can you schedule CloudWatch event rules to run

Answer 37

Yes

Question 38

How can you force ssl for Microsoft SQL server

Answer 38

rds.force_ssl parameter and reboot instance
No work required by client app
Download Amazon RDS Root cert and import it to servers then configure app

Question 39

What engines is IAM DB auth available with

Answer 39

Postgres and MySQL

Question 40

What is Transparent Data Encryption (TDE) used for

Answer 40

Usually for data at rest, not in transit

Question 41

Does AWS Global Accelerator provide static IPs

Answer 41

Yes

Question 42

What is endpoint group in Global Accelertator

Answer 42

Associated with a region

Question 43

What are Unicast IP addresses

Answer 43

Multiple devices, route to device in closest location

Question 44

Can global accelerator be used with non-http

Answer 44

Yes

Question 45

Can cloudfront be used with non-http

Answer 45

No

Question 46

What does Global accelerator do in terms of IP

Answer 46

2 static unicast IPs that it assigns to you

Question 47

Do local zones support DX

Answer 47

Yes

Question 48

How does VPC work with local zones

Answer 48

Create subnets in local zones

Question 49

Where is S3 with local zones

Answer 49

In parent zone

Question 50

What is CloudFront cache control max-age directive

Answer 50

How long objects stay in cache

Question 51

Can you set 2 primary origins in cloudfront

Answer 51

No

Question 52

What is minimum cache time in cloudfront

Answer 52

0 for web distributions
3600 for rtmp (this is streaming??)

Question 53

What can an origin group contain

Answer 53

A primary and a secondary origin

Question 54

Can you use an autoscaling group as origin for CloudFront

Answer 54

No, you need a load balancer in front

Question 55

What type of operation is resharding in Kinesis

Answer 55

Pair-wise, divide in 2 or merge 2 shards

Question 56

How do you increase capacity of a Kinesis stream

Answer 56

More shards, more exp too tho

Question 57

Is there such a thing as Kinesis Video streams

Answer 57

Yes

Question 58

How long does Kinesis stream store by default

Answer 58

24h

Question 59

What is the max time of storage of data in Kinesis

Answer 59

365 days

Question 60

What is Appflow

Answer 60

Service, fully-managed, to integrat apps

Question 61

What is OpenSearch

Answer 61

Open source search engine

Question 62

Which elasticache config supports multithread by deaulft

Answer 62

Memcached

Question 63

Whcih elasticache engine supports advanced data structures

Answer 63

Redis

Question 64

Which elasticache engine supports replication

Answer 64

Redis

Question 65

Which elasticache engine supports backups

Answer 65

Redis

Question 66

Which elasticache engine supports transactions (multiple operations as one)

Answer 66

Reds

Question 67

Which elasticache engine supports multithreading

Answer 67

Memcached

Question 68

Which elasticache engine supports sharding

Answer 68

Memcached

Question 69

Which elasticache engine supports autodiscovery

Answer 69

Memcached

Question 70

Is Redis in elasticache able to detect and replace failed nodes automatically

Answer 70

No

Question 71

What are the adantages of memcached

Answer 71

Multithread
Node autodiscovery

Question 72

Is EFS storage capacity elastic

Answer 72

Yes

Question 73

What are the 2 performance modes for EFS

Answer 73

General purpose
Max IO

Question 74

What are the 2 throughput modes for EFS

Answer 74

Bursting
Provisioned

Question 75

What does cross-zone lone balancing do

Answer 75

Each load balancer node distributes traffic across registered targets in all AZs, if disabled, only same AZ as node

Question 76

Is cross-zone balancing enabled by default

Answer 76

Only on ALBs, not on NLBs

Question 77

What is the only required section in a CF template

Answer 77

Resources

Question 78

How do you control version with cloudfront

Answer 78

Invalidate files or give them versioned file names

Question 79

Advantages of CF object versions

Answer 79

Cheaper not to invalidate
Access logs speak better
Simplifies rolling forward and back

Question 80

Where are application files stores for Elastic Beanstalk

Answer 80

S3

Question 81

Where are log files stored for Elastic Beanstalk

Answer 81

S3 or CloudWatch logs

Question 82

What is ECS cluster auto-scaling

Answer 82

Allows ECS to manage scale-in and out of ASG

Question 83

Can you move assets directly to cloudfront

Answer 83

No

Question 84

Does file gateway have a local cache

Answer 84

Yes

Question 85

What does file gateway cache do

Answer 85

buffer for writes and cache for reads, cached read = immediate access

Question 86

Can Amazon pinpoint stream to Kinesis

Answer 86

Yes

Question 87

Is SNS suitable for multi-engagement SMS marketing campaign

Answer 87

No, use Pinpoint

Question 88

What does Amazon Connect do

Answer 88

Cloud customer contact center service (customer service)

Question 89

What does Amazon pinpoint do

Answer 89

Flexbile, scalable marketing communications service

Question 90

Can uploader set permissions for objects in S3

Answer 90

Yes

Question 91

Who owns an S3 object by deafult

Answer 91

Uploader account, not the bucket owner account

Question 92

How do you make sure the bucket owner has access to everything uploaded

Answer 92

Bucket policy requiring bucket-owner-full-control in object ACL

Question 93

What port is RDP

Answer 93

3389

Question 94

What protocol is RDP

Answer 94

TCP and UDP (I think), port 3389

Question 95

How do you get better permission with Athena

Answer 95

Convert to apache PArquet

Question 96

Advantages of parquet

Answer 96

Columnar storage
2x faster to upload
6x less storage
(In S3 compared to other text formats)

Question 97

What is a permission to read and write underlying data with access controlled by Lake Formation Permissions

Answer 97

IAM permission lakeformation:GetDataAccess

Question 98

What is a characteristic of EBS encryption by default

Answer 98

It is per region

Question 99

What happens to an unencryopted snapshot or volume when you set up encryption by default (EBS)

Answer 99

Resulting new volume or snapshot after will be encrypted

Question 100

Is there a direct way to encrypt existing snapshot or volume

Answer 100

No

Question 101

Does EBS encryption support asymmetric CMKs

Answer 101

No

Question 102

Can you change CMK associated with existing encrypted snapshot or volume (EBS)

Answer 102

No, but can associate different CMK during snapshot copy operation

Question 103

What are choices with auth when creating new IAM user by console

Answer 103

Console password or access keys, you need at least one
Not the case when created using CLI or API

Question 104

What are the 2 policies associated with a role

Answer 104

Trust policy (who can assume)
Permissions (what can it do)