Amazon S3 Flashcards

(72 cards)

1
Q

How many bytes can files be in S3?

A

0 bytes to 5 TB

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

You create your buckets within a _____

A

You create your buckets within a Region

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

There’s no ____ for objects within a bucket

A

There’s no ____ for objects within a bucket

hierarchy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

S3 delivers strong ___ ___ ____ consistency

A

read-after-write consistency

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You can use an object key name (prefix) to _____ folders

A

You can use an object key name (prefix) to mimic folders

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the max default bucket amount per account?

A

100 buckets per account by default

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What file type does S3 support?

A

any file type

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Each object is ____ and _______ by a unique key

A

Each object is ____ and _______ by a unique key

stored, retrieved

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Objects are stored in the region they are setup in unless you setup __________

A

setup replication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Bucket Policies are _________-based policies

A

Bucket Policies are resource-based policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Bucket policies can only be attached to Amazon __ _______

A

Bucket policies can only be attached to Amazon S3 buckets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

AWS generally recommends using ___ _____ policies or ___ policies rather than ACLS

A

AWS generally recommends using S3 bucket policies or IAM policies rather than ACLS

;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Use IAM policies if you have numerous S3 buckets that require ________ permissions

A

Use IAM policies if you have numerous S3 buckets that require different permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Bucket policies allow you to grant ____-______ access to your S3 environment, without using IAM _____

A

Bucket policies allow you to grant cross-account access to your S3 environment, without using IAM roles

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Versioning-enabled buckets enable you to recover objects from accidental ________ or ________

A

Versioning-enabled buckets enable you to recover objects from accidental deletion or overwrite

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Transition actions are when objects transition to another _______ _____

A

Transition actions are when objects transition to another storage class

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Expiration actions are when an object ______ or gets ______ by S3

A

Expiration actions are when an object expires or gets deleted by S3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

You can transition any storage class to which two storage classes?

A

S3 Glacier or S3 Glacier Deep Archive

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

You can’t transition any storage class to

A

S3 standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

You can’t transition the S3 One Zone-IA storage class to which two storage classes?

A

Standard-IA or S3 Intelligent-Tiering storage classes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

MFA Delete Adds MFA requirement for bucket owners to perform the following actions: (2)

  • Changing the __________ state of a bucket
  • Permanently _______ an object version
A

Changing the versioning state of a bucket

  • Permanently deleting an object version
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

The second factor of MFA Delete is a _____ _________ by a hardware device or ________ program

A

The second factor of MFA Delete is a token generated by a hardware device or software program

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Versioning can be enabled by: (3)

  • _____ owners
  • AWS account that ________ the bucket
  • _________ IAM users
A
  • Bucket owners
  • AWS account that created the bucket
  • Authorized IAM users
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

MFA delete can be enabled by the ______ owner or ____ account

A

MFA delete can be enabled by the Bucket owner or root account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
MFA-protected API access is used to enforce the **\_\_\_\_\_\_\_\_\_\_\_** factor (MFA code) when accessing AWS **\_\_\_\_\_\_\_\_**
MFA-protected API access is used to enforce the **authentication** factor (MFA code) when accessing AWS **resources**
26
ServerSideEncryption SSE-S3 works by using **\_\_\_** existing encryption key for **\_\_\_\_\_\_\_\_**
ServerSideEncryption SSE-S3 works by using **S3's** existing encryption key for **AES-256**
27
With ServerSideEncryption Client SSE-C you upload your own _______ encryption key which S3 uses when it **\_\_\_\_\_\_** objects
With ServerSideEncryption Client SSE-C you upload your own **AES-256** encryption key which S3 uses when it **writes** objects
28
ServerSideEncryption SSE-KMS uses a key generated and managed by ___ \_\_\_
ServerSideEncryption SSE-KMS uses a key generated and managed by **AWS KMS**
29
How does client-side encryption work in regards to S3?
You encrypt objects using your own local encryption process before uploading to S3
30
Amazon S3 encrypts objects before saving them to disk and decrypts them when
Amazon S3 encrypts objects before saving them to disk and decrypts them when **the objects are downloaded**
31
S3 Event Notifications can possibly be sent to which three AWS services?
- Simple Notification Service (SNS) **topics** - Simple Queue Service (SQS) **queues** - AWS **Lambda**
32
S3 Multipart Upload can be used for objects from **\_\_\_\_\_** up to **\_\_\_\_\_**
S3 Multipart Upload can be used for objects from **5 MB** up to **5 TB**
33
S3 Transfer Acceleration leverages Amazon **\_\_\_\_\_\_\_\_\_\_ \_\_\_\_** Location
S3 Transfer Acceleration leverages Amazon **CloudFront Edge** Location
34
S3 Transfer Acceleration is used to accelerate object uploads to S3 over **\_\_\_\_ \_\_\_\_\_\_\_\_** to minimize **\_\_\_\_\_**
S3 Transfer Acceleration is used to accelerate object uploads to S3 over **long distances** to minimize **latency**
35
S3 Transfer Acceleration is as secure as a **\_\_\_\_\_\_** upload to S3
S3 Transfer Acceleration is as secure as a **direct** upload to S3
36
With S3 Transfer Acceleration, you are charged only if there was a **\_\_\_\_\_\_** in **\_\_\_\_\_\_** times
With S3 Transfer Acceleration, you are charged only if there was a **benefit** in **transfer** times
37
For S3 Transfer Acceleration, to work you need to **\_\_\_\_\_** transfer acceleration on the **\_\_ \_\_\_\_\_**
For S3 Transfer Acceleration, to work you need to **enable** transfer acceleration on the **S3 bucket**
38
S3 Copy API objects up to __ GB in size
S3 Copy API objects up to **5 GB in size**
39
S3 Copy API can be used to (3) - Move objects across AWS **\_\_\_\_\_\_** - Change object **\_\_\_\_\_\_\_** - **\_\_\_\_\_\_** objects
- Move objects across AWS ∫r**egions** - Change object **metadata** - **Rename** objects
40
S3 Copy API can be used to change the copy's **\_\_\_\_\_\_\_\_** class or **\_\_\_\_\_\_\_\_\_\_** at rest status
S3 Copy API can be used to change the copy's **storage** class or **encryption** at rest status
41
Server Access Logging provides **\_\_\_\_\_\_\_\_** records for the **\_\_\_\_\_\_** that are made to a bucket
Server Access Logging provides **detailed** records for the **requests** that are made to a bucket
42
Server Access Logging is ______ by default
Server Access Logging is **disabled** by default
43
Server Access Logging only pay for the **\_\_\_\_\_\_ \_\_\_\_\_** used
Server Access Logging only pay for the **storage space** used
44
Server Access Logging must grant **\_\_\_\_\_** permissions to the Amazon S3 log delivery group on the **\_\_\_\_\_\_\_\_\_\_** bucket
Server Access Logging must grant **write** permissions to the Amazon S3 log delivery group on the **destination** bucket
45
S3 Performance Optimizations increase **\_\_\_\_** and **\_\_\_\_\_** performance by **\_\_\_\_\_\_\_\_\_** reads
S3 Performance Optimizations increase **read** or **write** performance by **parallelizing** reads
46
S3 Performance Optimizations retry requests for **\_\_\_\_\_\_\_**-Sensitive **\_\_\_\_\_\_\_\_\_**
S3 Performance Optimizations retry requests for **Latency**-Sensitive **Applications**
47
S3 Performance Optimizations combine Amazon **\_\_** and Amazon **\_\_\_** in the Same AWS **\_\_\_\_\_\_**
S3 Performance Optimizations combine Amazon **S3** and Amazon **EC2** in the Same AWS **Region**
48
S3 Glacier Deep Archive retrieval time is within **\_\_** hours, which makes it the **\_\_\_\_\_\_** cost storage class
S3 Glacier Deep Archive retrieval time is within **12** hours, which makes it the **lowest** cost storage class
49
S3 Glacier Deep Archive is Ideal for highly-regulated industries that need to retain data for **\_\_-\_\_** years or longer to meet **\_\_\_\_\_\_\_\_\_** compliance requirements.
S3 Glacier Deep Archive is Ideal for highly-regulated industries that need to retain data for **7-10** years or longer to meet **regulatory** compliance requirements.
50
S3 Glacier Flexible Retrieval Features configurable retrieval times, from **\_\_\_\_\_\_\_** to **\_\_\_\_\_**, with free **\_\_\_\_** retrievals
S3 Glacier Flexible Retrieval Features configurable retrieval times, from **minutes** to **hours**, with free **bulk** retrievals
51
S3 Glacier Flexible is ideal for **\_\_\_\_\_\_\_** and **\_\_\_\_\_\_\_\_** recovery use cases when large sets of data need to be retrieved in **\_\_\_\_\_\_**, without concern for **\_\_\_\_\_**
S3 Glacier Flexible is ideal for **backup** and **disaster** recovery use cases when large sets of data need to be retrieved in **minutes**, without concern for **costs**
52
S3 Glacier Instant Retrieval provides data with the same speed, durability, and availability as S3 Standard. What is the main difference between the two?
S3 Glacier Instant Retrieval is a fraction of the price
53
S3 Glacier Instant Retrieval is ideal for archival data that needs immediate access such as
medical images, or new media
54
S3 One Zone-IA is ideal for customers who want a lower-cost option for infrequently accessed data but do not require the availability and resilience of which two S3 storage classes?
S3 Standard or S3 Standard Infrequent Access
55
The combination of low cost and high performance makes S3 Standard-IA ideal for? (3)
Long-term storage Backups Disaster recovery files
56
If your IAM policies are reaching their size limits you should
switch to using bucket policies
57
What is the max number of objects that can be stored in S3?
Unlimited
58
S3 Lifecycle management automates **\_\_\_\_\_\_\_\_** objects between the different **\_\_\_\_\_\_\_\_** tiers
S3 Lifecycle management automates **moving** objects between the different **storage** tiers
59
S3 Lifecycle management can be used in conjunction with versioning which would apply to the **\_\_\_\_\_\_\_** and **\_\_\_\_\_\_\_** versions
S3 Lifecycle management can be used in conjunction with versioning which would apply to the **current** and **previous** versions
60
Use S3 Object Lock to store objects using a Write **\_\_\_\_\_** Read **\_\_\_\_\_** model
Use S3 Object Lock to store objects using a Write **Once** Read **Many** (WORM) model
61
Object Lock can be applied to an individual **\_\_\_\_\_** or the entire **\_\_\_\_\_**
Object Lock can be applied to an individual **object** or the entire **bucket**
62
With Governance mode, users can't **\_\_\_\_\_\_\_\_\_\_** or **\_\_\_\_\_\_** an object **\_\_\_\_\_** unless they have special permissions.
With Governance mode, users can't **overwrite** or **delete** an object **version** unless they have special permissions.
63
With Governance mode, users can't **\_\_\_\_\_** a version **\_\_\_\_** settings unless they have special permissions.
With Governance mode, users can't **modify** a version **lock** settings unless they have special permissions.
64
What two modes does object lock come in?
Governance Mode Compliance Mode
65
With compliance mode an object version can't be **\_\_\_\_\_\_\_\_\_\_\_** or _______ by any user including the ____ \_\_\_\_
With compliance mode, an object version can't be **overwritten** or **deleted** by any user including the **root user**
66
You can get better performance with S3 by spreading reads across different prefixes. For example, if you are using 2 prefixes, you can achieve **\_\_\_\_\_** as many **\_\_\_\_\_\_** per second
You can get better performance with S3 by spreading reads across different prefixes. For example, if you are using 2 prefixes, you can achieve **twice** as many **requests** per second
67
S3 Glacier Deep Archive is used in which three industries? **\_\_\_\_\_\_\_\_\_\_** Services, Healthcare, and **\_\_\_\_\_** Sectors
**Financial** Services, Healthcare, and **Public** Sectors
68
S3 One Zone-IA stores data in one AZ while the other S3 Storage Classes store data in a minimum of __ AZs
S3 One Zone-IA stores data in on AZ while the other S3 Storage Classes store data in a minimum of **3** AZs
69
Object Lock can help prevent objects from being deleted or overwritten for a **\_\_\_\_\_\_** amount of time or **\_\_\_\_\_\_\_\_\_\_\_\_**
Object Lock can help prevent objects from being deleted or overwritten for a fixed amount of time or indefinitely.
70
Object Lock works only in **\_\_\_\_\_\_\_\_\_** buckets
Object Lock works only in **versioned** buckets
71
S3 One Zone Infrequent Access is best used for data that requires ______ access when needed.
S3 One Zone Infrequent Access is best used for data that requires **rapid access** when needed.
72
S3 One Zone Infrequent Access is a good choice for storing ________ \_\_\_\_\_\_\_ copies
S3 One Zone Infrequent Access is a good choice for storing​ **secondary backup** copies