Things to Study

Question 1

What is Storage Gateway?

Answer 1

Hybrid cloud storage that connects to existing on-premises storage.
3 Types - File, Tape, and Volume Gateway

Question 2

What are the types of Storage Gateway?

Answer 2

File Gateway, Tape Gateway, Volume Gateway.

Question 3

What is WAF?

Answer 3

Web app firewall that protects apps against common exploits.

Question 4

What does WAF do?

Answer 4

Blocks requests except ones you allow and can check for presence of SQL code (SQL injections).

Question 5

What is AWS Direct Connect?

Answer 5

Establishes a dedicated connection from on-prem to AWS.

Question 6

What is AWS Virtual Private Network (VPN)?

Answer 6

Establishes a secure connection between on-premises networks, remote offices, client devices, and the AWS global network.

Question 7

What are the components of AWS VPN?

Answer 7

Comprised of Site-to-Site and Client VPN.

Question 8

What is Site-to-Site VPN?

Answer 8

A resource in a VPC can’t talk to your own network. Set up a Site-to-Site VPN to let stuff in your VPC talk to your existing network.

Question 9

What is AWS Virtual Private Cloud (VPC)?

Answer 9

Logically isolated section of the cloud where you can launch resources in a virtual network you define.

Question 10

What are the components of a VPC?

Answer 10

Subnet, Route Table, Internet Gateway, VPC Endpoint, VPC Peering.

Question 11

What is VPC Peering?

Answer 11

Connects two VPCs privately.

Question 12

What is Transit Gateway?

Answer 12

Connects VPC and on-prem network through a central Hub.

Question 13

What is an Internet Gateway?

Answer 13

VPC component that allows internet connection between your VPC and the internet.

Question 14

What is a VPC Endpoint?

Answer 14

Privately connects your VPC to AWS services without requiring an internet gateway.

Question 15

What are the types of VPC Endpoints?

Answer 15

Interface Endpoint - Private IP address that lets you connect VPC to some services (including SQS)
Gateway Endpoint - (S3, DynamoDB)

Question 16

What is Virtual MFA?

Answer 16

Like Authy - lets you use MFA without a physical device.

Question 17

What is a U2F Security Key?

Answer 17

Device you plug into USB port - what AWS uses.

Question 18

What is the Well-Architected Framework?

Answer 18

OSRPCS: Operational Excellence, Security, Reliability, Performance efficiency, Cost optimization, Sustainability.

Question 19

What is AWS Systems Manager Session Manager?

Answer 19

Fully managed service - interactive browser-based shell and CLI experience.

Question 20

What can AWS Organizations do?

Answer 20

Centrally manage billing, share access across AWS accounts, automate account creation, govern access across services.

Question 21

What is AWS Systems Manager?

Answer 21

View operational data from multiple services and manage resources. Can view ON-Prem & Cloud data in ONE PLACE

Question 22

What does AWS Compute Optimizer do?

Answer 22

Recommends optimal AWS resources for workloads.

Question 23

What is AWS Global Accelerator?

Answer 23

Improves availability and performance of apps with local or global users.

Question 24

What is AWS Shield Advanced?

Answer 24

Provides real-time reports into attacks on the network layer, transport layer, and application layer.

Question 25

What is Elastic Beanstalk?

Answer 25

Easy to use service for deploying web apps and services associated with various programming languages.

Question 26

What does CloudWatch do?

Answer 26

Resource performance monitoring, events, alerts (billing Alerts).

Question 27

What is CloudTrail?

Answer 27

Account specific activity & Audit.

Question 28

What does AWS Config do?

Answer 28

Resource specific change history, audit, compliance.

Question 29

What is Guard Duty?

Answer 29

Threat detection that monitors malicious activity and unauthorized behavior to protect AWS account.

Question 30

What is Instance Store?

Answer 30

Temporary block-level storage for an instance, ideal for temporary storage of frequently changing info.

Question 31

What does Systems Manager do?

Answer 31

Manage and operate resources at scale, central place to view and manage AWS resources. Can view ON-Prem & Cloud data in ONE PLACE.

Question 32

What are Read Replicas?

Answer 32

Allow you to create read-only copies of RDS databases for better read performance.

Question 33

What does Compute Optimizer do?

Answer 33

Helps identify optimal resource configuration.

Question 34

What is the difference between Service Health and Account Health?

Answer 34

Service Health is general status; Account Health is a personalized view of your services.

Question 35

What is an AMI?

Answer 35

Provides info required to launch an instance.

Question 36

What is Cost Explorer?

Answer 36

Visualize and manage AWS costs and usage over time. Looks backward and also helps forecast!

Question 37

What is AWS Pricing Calculator?

Answer 37

Explore AWS services & create an estimate for cost of your use cases. No forecasting. This is the same as TCO

Question 38

What is Cost & Usage Report?

Answer 38

Most in-depth look at costs; cannot forecast.

Question 39

What is MQ?

Answer 39

Managed message broker service that lets you do on-prem messaging.

Question 40

What is DynamoDB?

Answer 40

Key-value, document database that is fully managed and multi-region. THis is the flagship AWS product. It is SCHEMALESS.

Question 41

What is EFS?

Answer 41

Regional service storing data across multiple AZs, accessible by EC2 instances.

Question 42

What is Trusted Advisor

Answer 42

Trusted Advisor * Real-time guidance to help provision resources following best practices * Cost Optimization, Performance, Security, Fault Tolerance, Service Limits * Optimal Provisioning * Cost optimization, security, fault tolerance, service limits * Can check EBS and find volumes that are under-utilized

Question 45

What is Kendra?

Answer 45

A document search service that extracts answers from a document and is good for an internal wiki.

Question 46

What does Personalize do?

Answer 46

Builds apps with real-time personalized recommendations.

Question 47

What is Texttract?

Answer 47

Extracts text, handwriting, and data from scanned documents using AI/ML.

Question 48

What is SageMaker?

Answer 48

A fully managed service to build Machine Learning Models. Developers can create/build ML models using SageMaker.

Question 49

What is a model in the context of SageMaker?

Answer 49

A model predicts results based on inputs.

Question 50

What tasks can be done in SageMaker?

Answer 50

Building, labeling, fine-tuning, and training models.

Question 51

What does Rekognition do?

Answer 51

Finds objects, people, text, etc., in images and video, including facial analysis.

Question 52

What are some use cases of Rekognition?

Answer 52

Content moderation, celebrity recognition, and text grabbing.

Question 53

What is Artifact?

Answer 53

A service to create compliance reports.

Question 54

What does GuardDuty do?

Answer 54

Analyzes logs to find bad behavior (i.e., threats).

Question 55

What is Inspector?

Answer 55

An assessment service that helps improve security and compliance of apps deployed in AWS.

Question 56

What does Config do?

Answer 56

Tracks configuration changes.

Question 57

What is Macie?

Answer 57

Finds sensitive data (i.e., PII) in S3.

Question 58

What does CloudTrail do?

Answer 58

Tracks API calls.

Question 59

What is AWS Security Hub?

Answer 59

Gathers security findings.

Question 60

What does Detective do?

Answer 60

Finds the root cause of security issues.

Question 61

What is AWS Abuse?

Answer 61

Reports AWS resources used for abusive behavior.

Question 62

What is CodeBuild?

Answer 62

Compiles source code, runs tests, and produces packages ready to be deployed.

Question 63

What are the benefits of CodeBuild?

Answer 63

Fully managed, serverless, scalable, available, secure, and pay-as-you-go pricing.

Question 64

What is CodePipeline?

Answer 64

The basis for CI/CD and an orchestration layer to take code from CodeCommit, put it in CodeBuild, then CodeDeploy, and run it in Elastic Beanstalk.

Question 65

What is CodeArtifact?

Answer 65

An artifact management system for software development to store and retrieve software package dependencies.

Question 66

What does AWS X-Ray do?

Answer 66

Provides visual analysis of applications, showing all services, bottlenecks, and dependencies in a microservice architecture.

Question 67

What is Kinesis?

Answer 67

A service for real-time big data streaming to collect, process, and analyze real-time streaming data at any scale.

Question 68

What is S3 Transfer Acceleration?

Answer 68

Allows uploading/downloading to an edge location for S3 buckets, which then loads it into the right region.