X-Past Exams Flashcards
What happens to surplus cached data at Edge Locations?
If it hasn’t been used recently, it gets ejected
If a Regional Edge Cache is configured, then it is ejected into a local S3 bucket
How are High Availability and Fault Tolerance different?
HA is resilient to component and AZ loss
Fault tolerance is HA plus no performance impact from losing an entire AZ
How do root user and IAM user logins to the console differ?
Root users use an email address, IAM users use a username (though it may be an email)
What is notable about IPv6 addresses in VPCs?
They are all public
To what extent can NACLs be reused?
They can apply to multiple subnets, but only within one region
Can an instance have more than one security group?
Yes - this allows more traffic
Can a VPC have more than one IGW?
No
Can a VPC have more than one NAT Gateway?
Yes - in fact, they should have one for each AZ
In what order are NACL rules evaluated?
Lowest to highest
To what extent can security groups be reused?
They can be shared across instances in multiple subnets if they are in the same VPC
What is Neptune?
A NoSQL graph database service
It uses SPARQL or Gremlin for queries
What is Amazon MQ?
A managed service for Apache MQ - it supports push and pull based operation
It is single instance sensitive - a standby is available but it can’t scale
What is special about EMR?
It can use S3 for storage and allows for transient clusters
How can the performance impact of RDS backups be minimised?
With MultiAZ deployments, the backup can be taken from the secondary instance
Does MultiAZ RDS improve performance?
Only in the sense that it minimises the impact of backups
What is the SLA for EC2?
99.99% availability per month for ECS and EBS
What S3 data transfers are free?
All data in, transfers between buckets and other AWS services if in same region, transfers to CloudFront
(also the first 1 GB is free tier)
What is notable about the names for transfer acceleration buckets?
They can’t contain full-stops
Which AWS services give root access to the machine?
EC2 and EMR
What types of virtualisation exist on EC2?
Hardware Virtual Machine (HVM) and Paravirtual Machine (PM)
Is S3-Z-IA durable?
Yes, it maintains 11 9’s durability
What are the steps to setting up EFS on an instance?
Open Port 2049, mount it, and set the Linux file permissions
What happens when an EC2 instance is stopped and started again?
The underlying host changes and the instance store is lost
The public IP will change. The private IP won’t
What happens when an EC2 instance is rebooted?
The host does NOT change and the instance store is not wiped
The public IP will not change
What SNS alert is useful when debugging auto-scaling groups?
Look for EC2_INSTANCE_LAUNCH_ERROR
What is different about MariaDB?
It can’t combine read replicas with MultiAZ
Do changes to RDS require downtime?
Increasing storage does not but scaling up the instance does
What are some special features of Aurora?
It has continuous backups. Read-replicas share the underlying storage so there isn’t replication lag
They support both MySQL and PostgreSQL
There is a serverless offering in which you don’t worry about instances
What are ALB path patterns used for?
Routing different URL parts to different servers
What could cause a Classic Load Balancer to not share load across its instances?
Cross-Zone Load Balancing has not been enabled
Does RDS support custom plugins?
No
What are the limits on SQS message size? How does this affect pricing?
They can be up to 256 KB but are charged in blocks of 64 KB
How long are CloudWatch metrics of deleted instances retained for?
15 months
What happens when SAML is used to log into the console?
The user identity is verified before generating a response
A sign-in URL to the console is set as a redirect
What does a VPN into AWS require?
A Virtual Private Gateway, an on-premises Customer Gateway, and a VPC with Hardware VPN access
What are the tenancy options for EC2?
- Default (shared)
- Dedicated (just you)
- Host (you control config + same server each time)
Can tenancy options on EC2 be changed?
You can only switch between dedicated and host, but this requires restarting the instance
In practical terms, how resilient is S3?
All storage classes except S3-Z-IA are designed to sustain the complete loss of an AZ, or partial loss of two
At what level do Route Tables apply?
They apply to subnets, not instances
What are the steps to securely add an instance to the internet?
- Create a route from the instance’s subnet to a NAT Gateway
- Create a route from the NAT Gateway to an IGW
Are IGWs highly-available?
Yes, they span AZs
What should be used to protect against single-instance failure?
An autoscaling group
How does EC2 auto-recover work?
It monitors CloudWatch alarms.
Note that it preserves the IP addresses of instances
Should you put load balancers in a database subnet?
No - there’s no point
How can traffic to host-names be blocked?
Use a proxy server - NACLs can’t block host-names
How can network throughput between instances be maximised?
Use enhanced networking and a clustered placement group
What performance does S3 provide?
5500 requests per second to read data; 3500 requests per second to write
Why might newly created EBS volumes be slow?
If created from a snapshot, they are slow each time a block is read for the first time
Can CloudFront cache dynamic content?
Yes if it is based on query strings
Can load balancers work with more than one https hostname at once?
ALBs can; Classic Load Balancers can’t because they can only have one SSL certificate at a time
Should on-prem be used with CloudFront?
Not really - it’s usually cheaper just to use S3
Can the type of an EC2 instance be changed?
Yes - this requires a restart and that they have similar architectures etc.