AWS Fundamentals Flashcards Preview

AWS SA Associate > AWS Fundamentals > Flashcards

Flashcards in AWS Fundamentals Deck (161)
Loading flashcards...
1
Q

What is the cloud?

A

The cloud is a bunch of interconnected computers that perform computational tasks and handle/respond to requests.

2
Q

What are the 7 computing services delivered by the cloud?

A
  1. Compute
  2. Storage
  3. Development
  4. Databases
  5. Networking
  6. Analytics
  7. Security
3
Q

What is virtualization?

A

Virtualization is the dividing up of physical resources on a single computer into small units call virtual machines

4
Q

How is usage/billing determined In AWS ?

A
  1. On demand
  2. Pay as you go
5
Q

What are the 6 advantages to cloud computing?

A
  1. Global access
  2. No more maintaining hardware
  3. Economies of scale
  4. Increase speed and agility
  5. Capacity Efficiency
  6. Convert capital expenditure to variable expense
6
Q

What are the 4 benefits to cloud computing?

A
  1. High Availability
  2. Agility
  3. Elasticity
  4. Durability
7
Q

What is high Availabilty?

A

Very fault tolerent systems that are designed to run continously and respond quickly.

8
Q

What is Elasticity?

A

The ability to scale capacity to meet demand

9
Q

What is Agility?

A

The ability to innovate/iterate fast and increase speed to market.

10
Q

What is Durability?

A

The guarante that data can be stored long term with out loss or corruption

11
Q

What is the private cloud ?

A

The private cloud is on premises cloud deployment

12
Q

What is the public cloud?

A

The public cloud is fully managed servers that are not on premises and are available through the internet

13
Q

What is the hybrid cloud?

A

The hybrid cloud is the combination of a private cloud installation and a public cloud deployment

14
Q

What is the relationship between Regions, Availability Zones and Data Centers ?

A

Regions have multiple availbility zones within them and availbility zones have multiple data centers.

15
Q

What is a edge location ?

A

Edge locations are small data centers that cache content to reduce latency

16
Q

Who is automatically given the role of root user?

A

The root user role is automatically assined to the user that created the account

17
Q

What are the 4 ways to access AWS services ?

A
  1. AWS Console
  2. CLI Command line interface
  3. Application Code
  4. Software development kits
18
Q

What is a EC2?

A

Elastic Compute Cloud
A Virtual server service

19
Q

What is a Lamda?

A

Lamda is serverless compute service that lets you running code without managing servers.

20
Q

What are possible uses for lambda ?

A
  1. Real-time file processing
  2. Sending email notifications
  3. Backend business logic
21
Q

What are some lambda features ?

A
  1. supports popular programming languages
  2. you author code using your favorite development environment or via the console
  3. lambda can execute your code in response to events
  4. lambda functions have a 15 minute timeout
22
Q

What is the lambda pricing model?

A

You are charged based on duration and number of requests

23
Q

What is counted as a lambda request?

A

Every time a lambda starts execution also including test invokes

24
Q

What is the always free lambda model ?

A

The free tier includes 1 million free requests each month

25
Q

What is the Fargate service?

A

The Fargate service is a serverless compute engine for containers.

26
Q

What is the lightsail service?

A

The light sail service allows you to quickly launch all the resources you need to launch a small project

27
Q

What is the outposts service?

A

Outposts allows you to run cloud services in your internal data center

28
Q

What is the Batch service?

A

The batch service allows you to process large workloads in smaller chuncks

29
Q

What is the S3 Service?

A

Simple Storage Service is an object storage service for the cloud that is highly available.

30
Q

What are the two foundational components of S3 storage?

A
  1. Buckets
  2. Objects
31
Q

At what levels can you set security levels for S3 buckets using ACLs (Access Control Lists)

A
  1. At the bucket level
  2. At the object level
32
Q

What does S3 versioning enable you to do ?

A

Protect your files against accidental deletion and create fallbacks

33
Q

What are the 2 aspects of data accessibility metrics are used to compare S3 classes ?

A
  1. Durability (data is resistant to loss or corruption)
  2. Availability (how quickly you can access your data (latency))
34
Q

What are the 7 S3 classes ?

A
  1. S3 standard
    2 S3 Intelligent Tiering
    3 S3 standard infrequent access
  2. One Zone-Infrequent access
  3. S3 Glacier
  4. S3 Glacier Deep Archive
  5. S3 Outposts
35
Q

What are some real world uses for S3 services

A
  1. Static websites
  2. Data archive
  3. Analytics
  4. Mobile Applications
36
Q

What is the policy for S3 regions and namespaces ?

A

S3 is a regional service with a global namespace

37
Q

What are the 4 main storage solutions available in AWS

A
  1. Instance storage
  2. S3 bucket, object storage
  3. EBS Elastic Block Storage
  4. EFS Elastic File system storage
38
Q

What is AWS EBS?

A

Elastic block storage device (volume) is persistent storage that can grow and shrink.

39
Q

What are the characteristics of Elastic Block Storage?

A
  1. Is persistent
  2. Can be attached / Detached from an instance
  3. Is tied to one availability zone
    4 Recommended for quick accessibility, running a database, and longterm storage.
40
Q

What is AWS EFS?

A

Elastic file system is a serverless network file system for sharing files.

41
Q

What are the characteristics for elastic file system ?

A
  1. Can be connected to multiple instances at a time
  2. Only supports the linux file system
  3. Access across different availability zones in the same region
  4. More expensive than EBS
42
Q

What is EC2 instance store ?

A

EC2 instance store is volatile storage that is physically attached to your virtual server. It is very fast and is useful for temporary data storage.

43
Q

What is the storage gateway service ?

A

A service that allow a customer to connect on-premises and cloud data

44
Q

What is AWS Backup ?

A

AWS Backup helps you manage data backups across multiple AWS services. Frequency and Retention.
EC2, EBS, EFS

45
Q

What are the 3 main Content Delivery Services

A
  1. Cloud Front
  2. Global Accelerator
  3. S3 Transfer Acceleration
46
Q

What is AWS CloudFront ?

A

CloudFront is a content delivery network that lowers latency using amazon edge locations.
1. Makes content available globally
2. Allows you to restrict by location Geo-restriction
3. Prevents Attacks DDos Protection
4. Allows for IP address blocking

47
Q

What is AWS Global Accelerator?

A

A service that sends you user through the AWS global network when accessing content to improve latency and availability.
1. 60% boost
2. Automatically re-route traffic too healthy available regional endpoints

48
Q

What is AWS S3 transfer acceleration ?

A

A service that improves content uploads and downloads to and from S3 buckets.

48
Q

What is AWS S3 transfer acceleration?

A

A service that improves content uploads and downloads to and from S3 buckets.
1. Fast transfer of files over long distances
2. Uses cloudfront
3. Customers around the world can upload to a central bucket

49
Q

What is AWS Route 53?

A

A service that offers scalable DNS registration and application routing with service health check features.

50
Q

What is AWS VPC?

A

Virtual Private Cloud is a service that allows a user to set up a secure private network in the cloud with subnetting features where you launch your resources.

51
Q

What is AWS Direct Connect?

A

A service that offers a dedicated physical network connection from a on-premises data center to AWS

52
Q

What is AWS VPN?

A

A site to site VPN creates a secure connection between your internal networks and your AWS VPC’s

53
Q

What is AWS API Gateway?

A

A service that allows you to build and manage API’s

54
Q

What is AWS RDS?

A

RDS is the Relational Database Service for deploying popular database engines such as Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and SQL Server. Supports multiple availability zones, Manages automatic software patching, automated backups, operating system maintenance, and more.

55
Q

What is AWS Aurora?

A

Aurora is a relational database service compatible with PostgreSQL and MySQL That is faster than MySQL and PostgreSQL, scales automatically and is managed by RDS

56
Q

What is Dynamo DB?

A

Dynamo DB is a Nosql database service that implements a key value database, It is fully managed and serveless, scales automatically to massive workloads with fast perfomance.

57
Q

What is DocumentDB?

A

DocumentDB is a document database service, it is fully managed and serverless and is compatible with mongoDB.

58
Q

What is the AWS Service that offers fully managed in-memory datastore compatible with Redis and Memcached, that offers high perfomance and low latency, with the downside that data can be lost?

A

Amazon ElasticCache

59
Q

What is Amazon Neptune?

A

Is a fast and reliable fully managed and serverless graph database that supports highly connected datasets

60
Q

What is Amazon DMS?

A

DMS is the amazon database migration service
1. on-premises databases to AWS
2. Continuous data replication
3. Virtually no downtime

61
Q

What is Amazon SMS

A

SMS is the amazon server migration service that allows you to migrate on-premises servers to AWS

62
Q

What are the members of the Amazon snow family?

A

The snow family allows you to transfer large amounts of on-premises data to AWS using a physical device.
1. The snow cone - 8 Terabytes of data
2. The snow ball and snow edge - Petabyte scale data supports EC2 and lambda
3. The snow mobile - Multi Petabyta or Exabyte scale data

63
Q

What is the service that allows for online data transfer from on premises to AWS S3 or EFS?

A

Amazon DataSync

64
Q

What is Amazon Redshift?

A

Amazon redshift is a data warehousing solution. Data consolidation that handles exabyte-scale data

65
Q

What is Amazon Athena?

A

Amazon Athena is a query service for Amazon S3 for using Sql to query S3, Pay per query

66
Q

What is Amazon Glue?

A

Amazon glue prepares your data for analytics ETL extract, transform and load. Helps to better your data.

66
Q

What is Amazon Kinesis?

A

Amazon Kinesis all you to analyze data streams in real time, video, audio, application logs, website clickstreams and IOT.

67
Q

What is Amazon EMR

A

Amazon EMR is elastic map reduce which helps process large amounts of data.

68
Q

What is the amazon service that helps you move data between compute and storage services running either on premises or on AWS ?

A

Amazon data pipeline

69
Q

What is the amazon service that helps you visualize your data?

A

Amazon quicksight

70
Q

What is the cloud service that allows you to automate you image and video analysis, including face and text detection?

A

Amazon Rekognition

71
Q

What is Amazon comprehend ?

A

AWS Comprehend is a natural-language processing NLP service that finds relationships in text, Uncovers insights and relationships

72
Q

What is the Amazon service that turns text into speech?

A

Amazon Polly

73
Q

What is Amazon SageMaker?

A

Amazon Sage maker is service for building, training and deploying machine learning models quickly

74
Q

What is the amazon service that provides language translation ?

A

Amazon Translate

75
Q

What is Amazon Lex?

A

Lex helps you build conversational interfaces like chatbots.

76
Q

What is Amazon cloud 9?

A

Amazon Cloud9 is a inbrowser IDE for writing and debugging code on the amazon console

77
Q

What is the amazon service that offers a source control system for git repositories ?

A

Code Commit

78
Q

What does code build allow you to do?

A

Code build allows you to build and test your application source code, Enables continuous integration, produces build artifacts ready to be deployed

79
Q

What does code deploy do ?

A

Code deploy manages the deployment of code to compute services in the cloud or on-premises

80
Q

What is amazon codePipline?

A

It is a service that automates the software release process. It integrates with CodeCommit, CodeBuild and CodeDeploy to build artifacts, run tests and deploy new software.

81
Q

What is the amazon service that helps you debug applications and what else does it do?

A

Amazon X-Ray. Analyze and debug, map application components, view requests.

82
Q

What does Amazon code star do ?

A

CodeStar helps developers collaboratively work on development projects, Connects development environments, intergrates with CodeCommit, CodeBuild and CodeDeploy. Contains issue tracking dashboard

83
Q

What is cloudformation ?

A

Cloud formation is an infrastructure as code (IAC) service that allows you to provision AWS resources with code

84
Q

What is the AWS orchestration service that allows you to deploy your web applications by orchestrating various AWS services including EC2, S3, Simple notification service?

A

AWS Elastic Beanstalk

85
Q

What is AWS opsWorks?

A

AWS opsWorks is a service that helps you use Chef or Puppet to automate the configuration of your servers and deploy code.

86
Q

What is AWS SQS?

A

SQS is the simple queue service which is a FIFO queue that allows you to build loosely coupled systems.

87
Q

What is AWS SNS?

A

SNS is the simple notification service. It is a topic subscriber service that allows you to send text messages and simple emails

88
Q

What is AWS SES?

A

the Simple Email Sevice is a service that allows you to send richly formated HTML emails from your applications.

89
Q

What is CloudWatch?

A

CloudWatch is a collection of services that help you monitor and observe your cloud resources.

90
Q

What are the five main features that cloudWatch services offers?

A
  1. Detect Anomalies
  2. Alarms
  3. Logs
  4. Metrics
  5. Events
91
Q

What is CloudTrail and what does it help you do?

A

A service that tracks user activity and API calls with your account. Log and retain account activity. Tack Console, SDKs and CLI. Identify which user made changes. Detect unusual activity.

92
Q

What are the identity properties that you can track with CloudTrail?

A
  1. username
  2. event time
  3. event name
  4. IP address
  5. access key
  6. Region
  7. Error code
93
Q

What is the shared responsibility model ?

A

The shared responsibility model is a framework for the division of responsibility between AWS and the user.
AWS is in charge of security of the cloud and We are in charge of security in the cloud.

94
Q

What are AWS four main responsibilities as part of the Shared responsibility model?

A
  1. Global infrastructure
  2. Physical Security
  3. Physical Aspects of the service
    - networking components
    - generators
    - uninterruptible power supplies
  4. Software
    - Software for managed services
    - Host firmware
    - data access points
95
Q

What are the 6 main domain a AWS user is responible for as part of the shared responsibility model ?

A
  1. Application Software and Data including encryption
  2. Patching guest operating systems (security and updates)
  3. Network traffic configurations and firewalls
  4. Security Configuration. VPC, VPN and your accout credentials
  5. Identity and Access Management including all users.
  6. All installed software
96
Q

What are the 6 Pillars of a well-architected framework?

A
  1. Operational Excellence
  2. Security
  3. Reliablility
  4. Performance and efficiency
  5. Cost Optimization
  6. Sustainability
97
Q

What pillar of the well-architected framework focuses on creating applications that effectively support production workloads ?

A

Operational Excellence

98
Q

What does the security pillar of the 6 Pillars of a well-architected framework focus on?

A

Putting mechanisms in place to help protect your systems and data.

99
Q

What does the Reliability pillar of the 6 Pillars of a well-architected framework focus on?

A

Designing systems that work consistently and recover quickly

100
Q

What pillar of the well-architected framework focuses on effective use of computing resources to meet system and business requirements while removing bottlenecks ?

A

Performance Efficiency

101
Q

What does the Cost Optimization pillar of the 6 Pillars of a well-architected framework focus on?

A

Delivering the optimum and resilient solutions at the least cost to the user

102
Q

What does the Sustainability pillar of the 6 Pillars of a well-architected framework focus on?

A

Environmental impacts especially energy consumption and efficiency

103
Q

What is IAM?

A

Identity Access Management is a service that helps you secure cloud resources by allowing you to define who has access to resources.

104
Q

What are four things you can manage in IAM?

A
  1. Users
  2. Groups
  3. Policies
  4. Roles
105
Q

What is the difference between authentication and authorization ?

A

Authentication is about verifying identity, authorization is about determining what a identified user has access to

106
Q

What are four things the root user can do that a regular user cannot ?

A
  1. Close your account
  2. Change your email address
  3. Modify your support plan
  4. Change account settings
107
Q

What are user groups ?

A

Groups are a set of IAM users that helps you apply common access controls to all group members

108
Q

What is the principle of least privilege?

A

Give users the minimum access required to get the job done.

109
Q

What are Roles?

A

Roles define access permissions and are temporarily assumed by a IAM user or service (Generally for one session)

110
Q

What are Policies ?

A

Policies define the permissions for IAM users, groups and roles by creating a policy document in json format.

111
Q

What is the difference between a policy and a role ?

A

A policy defines the permission as a JSON document and is attatched to a role

112
Q

What are the four AMI Best Practices ?

A
  1. Enable MFA for privileged users
  2. Implement strong password policies
  3. Create individual users instead of using root
  4. Use roles for Amazon EC2 instances
113
Q

What feature lists all users in your account and the status of their various credenials including passwords, access keys, MFA and is used for auditing and compliance ?

A

IAM Credential Reports

114
Q

What is WAF ?

A

Web Application Firewall helps protect web applications against common web attacks.

115
Q

What does WAF protect against ?

A
  1. Common attack patterns
  2. SQL injection
  3. Cross-site scripting
116
Q

What is shield ?

A

Shield is a managed Distributed Denial of Service protection sevice.

117
Q

What is the difference between Shield standard and Shield Advanced?

A

Shield advanced provides in enhanced protection and 24/7 access to AWS experts for a fee while shield standard only protects against common and frequently occurring attacks

118
Q

What is amazon Macie ?

A

Amazon Macie helps you discover and protect sensitive data

119
Q

What service allows you to access, audit and evalute the configuration of your resources?

A

Amazon Config

120
Q

What is Amazon GardDuty ?

A

It is an intelligent threat detection system that uncovers unauthorized behaviour.

121
Q

How does guardDuty Work?

A

It Uses Machine Learning, built-in support for EC2, S3, and IAM and reviewing cloudtrail, VPC, Flow Logs and DNS Logs to detect unusual behaviour

122
Q

What is Amazon Inspector?

A

Inspector works with EC2 instances to uncover and report vulnerabilities

123
Q

What is Amazon Artifact?

A

Artifact offers on-demand access to AWS security and compliance reports

124
Q

What is Amazon cognito?

A

Amazon cognito helps you control access to mobile and web applications. Assists with user sign-up and sign-in.

125
Q

What is the difference between data in flight and data at rest ?

A

Data in flight is moving from one location to another while data at rest is inactive or stored for later use

126
Q

What is KMS?

A

Key management service allows you to generate and store encryption keys that AWS manages.

127
Q

What is CloudHSM?

A

hardware security module uses dedicated hardware to generate keys. AWS does not have access to your keys

128
Q

What is secrets Manager ?

A

Sercets Manager allows you to manage and retrieve secrets (passwords, keys)

129
Q

What are the 3 fundamental drivers of cost ?

A
  1. Compute
  2. Storage
  3. Outbound Data Transfer
130
Q

What are the 3 free offer types?

A
  1. 12 months free
  2. Always free
  3. Trials
131
Q

What are the 5 different ways to pay for EC2 instances ?

A
  1. On-Demand
  2. Savings Plan
  3. Reserved Instances
  4. Spot Instances
  5. Dedicated Hosts
132
Q

What is the lambda always free grantee ?

A

1 000 000 requests per month are always free

133
Q

What are the two cost drivers for with the Lambda ?

A
  1. number of requests
  2. execution time
134
Q

What are the four cost drivers for S3?

A
  1. Storage class
  2. number and size of objects
  3. Data transferred out of S3 region
  4. Requests made for data and amount of requests
135
Q

What are the 8 drivers for RDS ?

A
  1. Running clock hours
  2. Type of database
  3. Storage
  4. Purchase Type
  5. Database count
  6. Api requests
  7. Deployment type
  8. Data transfer
136
Q

What is TCO?

A

Total cost of ownership is a financial estimate that helps you understand the direct and indirect costs of AWS

137
Q

What is the Application Discovery Service?

A

The Application discovery service helps you plan migration projects to the AWS cloud and is used TCO

138
Q

What is the pricing calculator?

A

The pricing calculator helps you calculate the total cost of ownership

139
Q

What AWS service allows you to set custom budgets that alert you when your costs or usage exceed you budgeted amount and what types does it support?

A

AWS Budgets
1. Cost Budgets
2, Usage Budgets
3. Reservation Budgets

140
Q

What is Cost and Usage Reports ?

A

Cost and Usage Report contains the most comprehensive set of cost and usage data from your previous amazon bills

141
Q

What is AWS Cost Explorer?

A

It allows you to visualize and forecast your costs and usage over time. View past 12months and forcast for up to 3 months

142
Q

What are cost allocation tags useful for ?

A

Tags allow you to label resources using a key and value pair. The allow you to track costs via the cost allocation report

143
Q

What is AWS organizations ?

A

It is a sevice that allows you to centrally manage multiple AWS accounts, Automate account creation and aggregate payment into a single bill for all accounts

144
Q

What is AWS control tower?

A

Control Tower helps you ensure your accounts conform to company-wide policies, provides a dashboard and enforces best use of services

145
Q

What is AWS systems manager?

A

Systems Manager gives you visibility and control over you AWS resources. I allows you to automate operational tasks on resources, patch and run commands on multiple resources (multiple EC2’s or RDS instances)

146
Q

What is AWS trusted advisor ?

A

Trusted advisor provides real-time guidance to help you provision your resources following AWS best practices

147
Q

What AWS service helps you manage Software licenses on premises and on AWS?

A

License Manager

148
Q

What is AWS certificate manager?

A

Certificate Manager helps you provision and manage public and private SSL/TLS certificates for free

149
Q

What are SCP’s ?

A

Service control policies enforce policies that you want everyone in a organization to follow

150
Q

What are the benfits of AWS managed services?

A

Managed services help you efficiently operate you AWS infrastructure by augmenting internal staff, providing ongoing management of infrastructure, and reducing operational risk

151
Q

What is AWS professional services?

A

Professional Services helps enterprise customers move to a cloud-based operating model

152
Q

What is AWS partner Network ? (APN)

A

It is a global community of approved partners that offer software solutions and consulting services for AWS.

153
Q

What is AWS Personal Health Dashboard?

A

It is a service that alerts you to event that might impact your AWS environment.
Provides troubleshooting guidance
Provides feedback tailored to your specific environment

154
Q

What are the for amazon support plans ?

A
  1. Basic (free)
  2. Developer
  3. Business
  4. Enterprise
155
Q

What support case types can you open with a basic support plan ?

A
  1. Account and Billing
  2. Service limit increase
156
Q

What support case types can you open with a Developer support plan ?

A
  1. Account and billing
  2. Service limit increase
  3. Technical support

You also get 1 primary contact
Unlimited Cases

157
Q

What support case types can you open with a Business support plan ?

A
  1. Account and billing
  2. Service limit increase
  3. Technical support

Unlimited contacts
Unlimited Cases
Full Set of Trusted Advisor Checks

158
Q

What support case types can you open with a Enterprise support plan ?

A
  1. Account and billing
  2. Service limit increase
  3. Technical support

Unlimited contacts
Unlimited Cases
Technical Account Manager
Concierge Support Team
Infrastructure Event Management
Full Set of Trusted Advisor Checks

159
Q
A