AWS Fundamentals

Question 1

What is the cloud?

Answer 1

The cloud is a bunch of interconnected computers that perform computational tasks and handle/respond to requests.

Question 2

What are the 7 computing services delivered by the cloud?

Answer 2

1. Compute
2. Storage
3. Development
4. Databases
5. Networking
6. Analytics
7. Security

Question 3

What is virtualization?

Answer 3

Virtualization is the dividing up of physical resources on a single computer into small units call virtual machines

Question 4

How is usage/billing determined In AWS ?

Answer 4

1. On demand
2. Pay as you go

Question 5

What are the 6 advantages to cloud computing?

Answer 5

1. Global access
2. No more maintaining hardware
3. Economies of scale
4. Increase speed and agility
5. Capacity Efficiency
6. Convert capital expenditure to variable expense

Question 6

What are the 4 benefits to cloud computing?

Answer 6

1. High Availability
2. Agility
3. Elasticity
4. Durability

Question 7

What is high Availabilty?

Answer 7

Very fault tolerent systems that are designed to run continously and respond quickly.

Question 8

What is Elasticity?

Answer 8

The ability to scale capacity to meet demand

Question 9

What is Agility?

Answer 9

The ability to innovate/iterate fast and increase speed to market.

Question 10

What is Durability?

Answer 10

The guarante that data can be stored long term with out loss or corruption

Question 11

What is the private cloud ?

Answer 11

The private cloud is on premises cloud deployment

Question 12

What is the public cloud?

Answer 12

The public cloud is fully managed servers that are not on premises and are available through the internet

Question 13

What is the hybrid cloud?

Answer 13

The hybrid cloud is the combination of a private cloud installation and a public cloud deployment

Question 14

What is the relationship between Regions, Availability Zones and Data Centers ?

Answer 14

Regions have multiple availbility zones within them and availbility zones have multiple data centers.

Question 15

What is a edge location ?

Answer 15

Edge locations are small data centers that cache content to reduce latency

Question 16

Who is automatically given the role of root user?

Answer 16

The root user role is automatically assined to the user that created the account

Question 17

What are the 4 ways to access AWS services ?

Answer 17

1. AWS Console
2. CLI Command line interface
3. Application Code
4. Software development kits

Question 18

What is a EC2?

Answer 18

Elastic Compute Cloud
A Virtual server service

Question 19

What is a Lamda?

Answer 19

Lamda is serverless compute service that lets you running code without managing servers.

Question 20

What are possible uses for lambda ?

Answer 20

1. Real-time file processing
2. Sending email notifications
3. Backend business logic

Question 21

What are some lambda features ?

Answer 21

1. supports popular programming languages
2. you author code using your favorite development environment or via the console
3. lambda can execute your code in response to events
4. lambda functions have a 15 minute timeout

Question 22

What is the lambda pricing model?

Answer 22

You are charged based on duration and number of requests

Question 23

What is counted as a lambda request?

Answer 23

Every time a lambda starts execution also including test invokes

Question 24

What is the always free lambda model ?

Answer 24

The free tier includes 1 million free requests each month

Question 25

What is the Fargate service?

Answer 25

The Fargate service is a serverless compute engine for containers.

Question 26

What is the lightsail service?

Answer 26

The light sail service allows you to quickly launch all the resources you need to launch a small project

Question 27

What is the outposts service?

Answer 27

Outposts allows you to run cloud services in your internal data center

Question 28

What is the Batch service?

Answer 28

The batch service allows you to process large workloads in smaller chuncks

Question 29

What is the S3 Service?

Answer 29

Simple Storage Service is an object storage service for the cloud that is highly available.

Question 30

What are the two foundational components of S3 storage?

Answer 30

1. Buckets
2. Objects

Question 31

At what levels can you set security levels for S3 buckets using ACLs (Access Control Lists)

Answer 31

1. At the bucket level
2. At the object level

Question 32

What does S3 versioning enable you to do ?

Answer 32

Protect your files against accidental deletion and create fallbacks

Question 33

What are the 2 aspects of data accessibility metrics are used to compare S3 classes ?

Answer 33

1. Durability (data is resistant to loss or corruption)
2. Availability (how quickly you can access your data (latency))

Question 34

What are the 7 S3 classes ?

Answer 34

1. S3 standard
   2 S3 Intelligent Tiering
   3 S3 standard infrequent access
2. One Zone-Infrequent access
3. S3 Glacier
4. S3 Glacier Deep Archive
5. S3 Outposts

Question 35

What are some real world uses for S3 services

Answer 35

1. Static websites
2. Data archive
3. Analytics
4. Mobile Applications

Question 36

What is the policy for S3 regions and namespaces ?

Answer 36

S3 is a regional service with a global namespace

Question 37

What are the 4 main storage solutions available in AWS

Answer 37

1. Instance storage
2. S3 bucket, object storage
3. EBS Elastic Block Storage
4. EFS Elastic File system storage

Question 38

What is AWS EBS?

Answer 38

Elastic block storage device (volume) is persistent storage that can grow and shrink.

Question 39

What are the characteristics of Elastic Block Storage?

Answer 39

1. Is persistent
2. Can be attached / Detached from an instance
3. Is tied to one availability zone
   4 Recommended for quick accessibility, running a database, and longterm storage.

Question 40

What is AWS EFS?

Answer 40

Elastic file system is a serverless network file system for sharing files.

Question 41

What are the characteristics for elastic file system ?

Answer 41

1. Can be connected to multiple instances at a time
2. Only supports the linux file system
3. Access across different availability zones in the same region
4. More expensive than EBS

Question 42

What is EC2 instance store ?

Answer 42

EC2 instance store is volatile storage that is physically attached to your virtual server. It is very fast and is useful for temporary data storage.

Question 43

What is the storage gateway service ?

Answer 43

A service that allow a customer to connect on-premises and cloud data

Question 44

What is AWS Backup ?

Answer 44

AWS Backup helps you manage data backups across multiple AWS services. Frequency and Retention.
EC2, EBS, EFS

Question 45

What are the 3 main Content Delivery Services

Answer 45

1. Cloud Front
2. Global Accelerator
3. S3 Transfer Acceleration

Question 46

What is AWS CloudFront ?

Answer 46

CloudFront is a content delivery network that lowers latency using amazon edge locations.
1. Makes content available globally
2. Allows you to restrict by location Geo-restriction
3. Prevents Attacks DDos Protection
4. Allows for IP address blocking

Question 47

What is AWS Global Accelerator?

Answer 47

A service that sends you user through the AWS global network when accessing content to improve latency and availability.
1. 60% boost
2. Automatically re-route traffic too healthy available regional endpoints

Question 48

What is AWS S3 transfer acceleration ?

Answer 48

A service that improves content uploads and downloads to and from S3 buckets.

Question 48

What is AWS S3 transfer acceleration?

Answer 48

A service that improves content uploads and downloads to and from S3 buckets.
1. Fast transfer of files over long distances
2. Uses cloudfront
3. Customers around the world can upload to a central bucket

Question 49

What is AWS Route 53?

Answer 49

A service that offers scalable DNS registration and application routing with service health check features.

Question 50

What is AWS VPC?

Answer 50

Virtual Private Cloud is a service that allows a user to set up a secure private network in the cloud with subnetting features where you launch your resources.

Question 51

What is AWS Direct Connect?

Answer 51

A service that offers a dedicated physical network connection from a on-premises data center to AWS

Question 52

What is AWS VPN?

Answer 52

A site to site VPN creates a secure connection between your internal networks and your AWS VPC’s

Question 53

What is AWS API Gateway?

Answer 53

A service that allows you to build and manage API’s

Question 54

What is AWS RDS?

Answer 54

RDS is the Relational Database Service for deploying popular database engines such as Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and SQL Server. Supports multiple availability zones, Manages automatic software patching, automated backups, operating system maintenance, and more.

Question 55

What is AWS Aurora?

Answer 55

Aurora is a relational database service compatible with PostgreSQL and MySQL That is faster than MySQL and PostgreSQL, scales automatically and is managed by RDS

Question 56

What is Dynamo DB?

Answer 56

Dynamo DB is a Nosql database service that implements a key value database, It is fully managed and serveless, scales automatically to massive workloads with fast perfomance.

Question 57

What is DocumentDB?

Answer 57

DocumentDB is a document database service, it is fully managed and serverless and is compatible with mongoDB.

Question 58

What is the AWS Service that offers fully managed in-memory datastore compatible with Redis and Memcached, that offers high perfomance and low latency, with the downside that data can be lost?

Answer 58

Amazon ElasticCache

Question 59

What is Amazon Neptune?

Answer 59

Is a fast and reliable fully managed and serverless graph database that supports highly connected datasets

Question 60

What is Amazon DMS?

Answer 60

DMS is the amazon database migration service
1. on-premises databases to AWS
2. Continuous data replication
3. Virtually no downtime

Question 61

What is Amazon SMS

Answer 61

SMS is the amazon server migration service that allows you to migrate on-premises servers to AWS

Question 62

What are the members of the Amazon snow family?

Answer 62

The snow family allows you to transfer large amounts of on-premises data to AWS using a physical device.
1. The snow cone - 8 Terabytes of data
2. The snow ball and snow edge - Petabyte scale data supports EC2 and lambda
3. The snow mobile - Multi Petabyta or Exabyte scale data

Question 63

What is the service that allows for online data transfer from on premises to AWS S3 or EFS?

Answer 63

Amazon DataSync

Question 64

What is Amazon Redshift?

Answer 64

Amazon redshift is a data warehousing solution. Data consolidation that handles exabyte-scale data

Question 65

What is Amazon Athena?

Answer 65

Amazon Athena is a query service for Amazon S3 for using Sql to query S3, Pay per query

Question 66

What is Amazon Glue?

Answer 66

Amazon glue prepares your data for analytics ETL extract, transform and load. Helps to better your data.

Question 66

What is Amazon Kinesis?

Answer 66

Amazon Kinesis all you to analyze data streams in real time, video, audio, application logs, website clickstreams and IOT.

Question 67

What is Amazon EMR

Answer 67

Amazon EMR is elastic map reduce which helps process large amounts of data.

Question 68

What is the amazon service that helps you move data between compute and storage services running either on premises or on AWS ?

Answer 68

Amazon data pipeline

Question 69

What is the amazon service that helps you visualize your data?

Answer 69

Amazon quicksight

Question 70

What is the cloud service that allows you to automate you image and video analysis, including face and text detection?

Answer 70

Amazon Rekognition

Question 71

What is Amazon comprehend ?

Answer 71

AWS Comprehend is a natural-language processing NLP service that finds relationships in text, Uncovers insights and relationships

Question 72

What is the Amazon service that turns text into speech?

Answer 72

Amazon Polly

Question 73

What is Amazon SageMaker?

Answer 73

Amazon Sage maker is service for building, training and deploying machine learning models quickly

Question 74

What is the amazon service that provides language translation ?

Answer 74

Amazon Translate

Question 75

What is Amazon Lex?

Answer 75

Lex helps you build conversational interfaces like chatbots.

Question 76

What is Amazon cloud 9?

Answer 76

Amazon Cloud9 is a inbrowser IDE for writing and debugging code on the amazon console

Question 77

What is the amazon service that offers a source control system for git repositories ?

Answer 77

Code Commit

Question 78

What does code build allow you to do?

Answer 78

Code build allows you to build and test your application source code, Enables continuous integration, produces build artifacts ready to be deployed

Question 79

What does code deploy do ?

Answer 79

Code deploy manages the deployment of code to compute services in the cloud or on-premises

Question 80

What is amazon codePipline?

Answer 80

It is a service that automates the software release process. It integrates with CodeCommit, CodeBuild and CodeDeploy to build artifacts, run tests and deploy new software.

Question 81

What is the amazon service that helps you debug applications and what else does it do?

Answer 81

Amazon X-Ray. Analyze and debug, map application components, view requests.

Question 82

What does Amazon code star do ?

Answer 82

CodeStar helps developers collaboratively work on development projects, Connects development environments, intergrates with CodeCommit, CodeBuild and CodeDeploy. Contains issue tracking dashboard

Question 83

What is cloudformation ?

Answer 83

Cloud formation is an infrastructure as code (IAC) service that allows you to provision AWS resources with code

Question 84

What is the AWS orchestration service that allows you to deploy your web applications by orchestrating various AWS services including EC2, S3, Simple notification service?

Answer 84

AWS Elastic Beanstalk

Question 85

What is AWS opsWorks?

Answer 85

AWS opsWorks is a service that helps you use Chef or Puppet to automate the configuration of your servers and deploy code.

Question 86

What is AWS SQS?

Answer 86

SQS is the simple queue service which is a FIFO queue that allows you to build loosely coupled systems.

Question 87

What is AWS SNS?

Answer 87

SNS is the simple notification service. It is a topic subscriber service that allows you to send text messages and simple emails

Question 88

What is AWS SES?

Answer 88

the Simple Email Sevice is a service that allows you to send richly formated HTML emails from your applications.

Question 89

What is CloudWatch?

Answer 89

CloudWatch is a collection of services that help you monitor and observe your cloud resources.

Question 90

What are the five main features that cloudWatch services offers?

Answer 90

1. Detect Anomalies
2. Alarms
3. Logs
4. Metrics
5. Events

Question 91

What is CloudTrail and what does it help you do?

Answer 91

A service that tracks user activity and API calls with your account. Log and retain account activity. Tack Console, SDKs and CLI. Identify which user made changes. Detect unusual activity.

Question 92

What are the identity properties that you can track with CloudTrail?

Answer 92

1. username
2. event time
3. event name
4. IP address
5. access key
6. Region
7. Error code

Question 93

What is the shared responsibility model ?

Answer 93

The shared responsibility model is a framework for the division of responsibility between AWS and the user.
AWS is in charge of security of the cloud and We are in charge of security in the cloud.

Question 94

What are AWS four main responsibilities as part of the Shared responsibility model?

Answer 94

1. Global infrastructure
2. Physical Security
3. Physical Aspects of the service
   - networking components
   - generators
   - uninterruptible power supplies
4. Software
   - Software for managed services
   - Host firmware
   - data access points

Question 95

What are the 6 main domain a AWS user is responible for as part of the shared responsibility model ?

Answer 95

1. Application Software and Data including encryption
2. Patching guest operating systems (security and updates)
3. Network traffic configurations and firewalls
4. Security Configuration. VPC, VPN and your accout credentials
5. Identity and Access Management including all users.
6. All installed software

Question 96

What are the 6 Pillars of a well-architected framework?

Answer 96

1. Operational Excellence
2. Security
3. Reliablility
4. Performance and efficiency
5. Cost Optimization
6. Sustainability

Question 97

What pillar of the well-architected framework focuses on creating applications that effectively support production workloads ?

Answer 97

Operational Excellence

Question 98

What does the security pillar of the 6 Pillars of a well-architected framework focus on?

Answer 98

Putting mechanisms in place to help protect your systems and data.

Question 99

What does the Reliability pillar of the 6 Pillars of a well-architected framework focus on?

Answer 99

Designing systems that work consistently and recover quickly

Question 100

What pillar of the well-architected framework focuses on effective use of computing resources to meet system and business requirements while removing bottlenecks ?

Answer 100

Performance Efficiency

Question 101

What does the Cost Optimization pillar of the 6 Pillars of a well-architected framework focus on?

Answer 101

Delivering the optimum and resilient solutions at the least cost to the user

Question 102

What does the Sustainability pillar of the 6 Pillars of a well-architected framework focus on?

Answer 102

Environmental impacts especially energy consumption and efficiency

Question 103

What is IAM?

Answer 103

Identity Access Management is a service that helps you secure cloud resources by allowing you to define who has access to resources.

Question 104

What are four things you can manage in IAM?

Answer 104

1. Users
2. Groups
3. Policies
4. Roles

Question 105

What is the difference between authentication and authorization ?

Answer 105

Authentication is about verifying identity, authorization is about determining what a identified user has access to

Question 106

What are four things the root user can do that a regular user cannot ?

Answer 106

1. Close your account
2. Change your email address
3. Modify your support plan
4. Change account settings

Question 107

What are user groups ?

Answer 107

Groups are a set of IAM users that helps you apply common access controls to all group members

Question 108

What is the principle of least privilege?

Answer 108

Give users the minimum access required to get the job done.

Question 109

What are Roles?

Answer 109

Roles define access permissions and are temporarily assumed by a IAM user or service (Generally for one session)

Question 110

What are Policies ?

Answer 110

Policies define the permissions for IAM users, groups and roles by creating a policy document in json format.

Question 111

What is the difference between a policy and a role ?

Answer 111

A policy defines the permission as a JSON document and is attatched to a role

Question 112

What are the four AMI Best Practices ?

Answer 112

1. Enable MFA for privileged users
2. Implement strong password policies
3. Create individual users instead of using root
4. Use roles for Amazon EC2 instances

Question 113

What feature lists all users in your account and the status of their various credenials including passwords, access keys, MFA and is used for auditing and compliance ?

Answer 113

IAM Credential Reports

Question 114

What is WAF ?

Answer 114

Web Application Firewall helps protect web applications against common web attacks.

Question 115

What does WAF protect against ?

Answer 115

1. Common attack patterns
2. SQL injection
3. Cross-site scripting

Question 116

What is shield ?

Answer 116

Shield is a managed Distributed Denial of Service protection sevice.

Question 117

What is the difference between Shield standard and Shield Advanced?

Answer 117

Shield advanced provides in enhanced protection and 24/7 access to AWS experts for a fee while shield standard only protects against common and frequently occurring attacks

Question 118

What is amazon Macie ?

Answer 118

Amazon Macie helps you discover and protect sensitive data

Question 119

What service allows you to access, audit and evalute the configuration of your resources?

Answer 119

Amazon Config

Question 120

What is Amazon GardDuty ?

Answer 120

It is an intelligent threat detection system that uncovers unauthorized behaviour.

Question 121

How does guardDuty Work?

Answer 121

It Uses Machine Learning, built-in support for EC2, S3, and IAM and reviewing cloudtrail, VPC, Flow Logs and DNS Logs to detect unusual behaviour

Question 122

What is Amazon Inspector?

Answer 122

Inspector works with EC2 instances to uncover and report vulnerabilities

Question 123

What is Amazon Artifact?

Answer 123

Artifact offers on-demand access to AWS security and compliance reports

Question 124

What is Amazon cognito?

Answer 124

Amazon cognito helps you control access to mobile and web applications. Assists with user sign-up and sign-in.

Question 125

What is the difference between data in flight and data at rest ?

Answer 125

Data in flight is moving from one location to another while data at rest is inactive or stored for later use

Question 126

What is KMS?

Answer 126

Key management service allows you to generate and store encryption keys that AWS manages.

Question 127

What is CloudHSM?

Answer 127

hardware security module uses dedicated hardware to generate keys. AWS does not have access to your keys

Question 128

What is secrets Manager ?

Answer 128

Sercets Manager allows you to manage and retrieve secrets (passwords, keys)

Question 129

What are the 3 fundamental drivers of cost ?

Answer 129

1. Compute
2. Storage
3. Outbound Data Transfer

Question 130

What are the 3 free offer types?

Answer 130

1. 12 months free
2. Always free
3. Trials

Question 131

What are the 5 different ways to pay for EC2 instances ?

Answer 131

1. On-Demand
2. Savings Plan
3. Reserved Instances
4. Spot Instances
5. Dedicated Hosts

Question 132

What is the lambda always free grantee ?

Answer 132

1 000 000 requests per month are always free

Question 133

What are the two cost drivers for with the Lambda ?

Answer 133

1. number of requests
2. execution time

Question 134

What are the four cost drivers for S3?

Answer 134

1. Storage class
2. number and size of objects
3. Data transferred out of S3 region
4. Requests made for data and amount of requests

Question 135

What are the 8 drivers for RDS ?

Answer 135

1. Running clock hours
2. Type of database
3. Storage
4. Purchase Type
5. Database count
6. Api requests
7. Deployment type
8. Data transfer

Question 136

What is TCO?

Answer 136

Total cost of ownership is a financial estimate that helps you understand the direct and indirect costs of AWS

Question 137

What is the Application Discovery Service?

Answer 137

The Application discovery service helps you plan migration projects to the AWS cloud and is used TCO

Question 138

What is the pricing calculator?

Answer 138

The pricing calculator helps you calculate the total cost of ownership

Question 139

What AWS service allows you to set custom budgets that alert you when your costs or usage exceed you budgeted amount and what types does it support?

Answer 139

AWS Budgets
1. Cost Budgets
2, Usage Budgets
3. Reservation Budgets

Question 140

What is Cost and Usage Reports ?

Answer 140

Cost and Usage Report contains the most comprehensive set of cost and usage data from your previous amazon bills

Question 141

What is AWS Cost Explorer?

Answer 141

It allows you to visualize and forecast your costs and usage over time. View past 12months and forcast for up to 3 months

Question 142

What are cost allocation tags useful for ?

Answer 142

Tags allow you to label resources using a key and value pair. The allow you to track costs via the cost allocation report

Question 143

What is AWS organizations ?

Answer 143

It is a sevice that allows you to centrally manage multiple AWS accounts, Automate account creation and aggregate payment into a single bill for all accounts

Question 144

What is AWS control tower?

Answer 144

Control Tower helps you ensure your accounts conform to company-wide policies, provides a dashboard and enforces best use of services

Question 145

What is AWS systems manager?

Answer 145

Systems Manager gives you visibility and control over you AWS resources. I allows you to automate operational tasks on resources, patch and run commands on multiple resources (multiple EC2’s or RDS instances)

Question 146

What is AWS trusted advisor ?

Answer 146

Trusted advisor provides real-time guidance to help you provision your resources following AWS best practices

Question 147

What AWS service helps you manage Software licenses on premises and on AWS?

Answer 147

License Manager

Question 148

What is AWS certificate manager?

Answer 148

Certificate Manager helps you provision and manage public and private SSL/TLS certificates for free

Question 149

What are SCP’s ?

Answer 149

Service control policies enforce policies that you want everyone in a organization to follow

Question 150

What are the benfits of AWS managed services?

Answer 150

Managed services help you efficiently operate you AWS infrastructure by augmenting internal staff, providing ongoing management of infrastructure, and reducing operational risk

Question 151

What is AWS professional services?

Answer 151

Professional Services helps enterprise customers move to a cloud-based operating model

Question 152

What is AWS partner Network ? (APN)

Answer 152

It is a global community of approved partners that offer software solutions and consulting services for AWS.

Question 153

What is AWS Personal Health Dashboard?

Answer 153

It is a service that alerts you to event that might impact your AWS environment.
Provides troubleshooting guidance
Provides feedback tailored to your specific environment

Question 154

What are the for amazon support plans ?

Answer 154

1. Basic (free)
2. Developer
3. Business
4. Enterprise

Question 155

What support case types can you open with a basic support plan ?

Answer 155

1. Account and Billing
2. Service limit increase

Question 156

What support case types can you open with a Developer support plan ?

Answer 156

1. Account and billing
2. Service limit increase
3. Technical support

You also get 1 primary contact
Unlimited Cases

Question 157

What support case types can you open with a Business support plan ?

Answer 157

1. Account and billing
2. Service limit increase
3. Technical support

Unlimited contacts
Unlimited Cases
Full Set of Trusted Advisor Checks

Question 158

What support case types can you open with a Enterprise support plan ?

Answer 158

1. Account and billing
2. Service limit increase
3. Technical support

Unlimited contacts
Unlimited Cases
Technical Account Manager
Concierge Support Team
Infrastructure Event Management
Full Set of Trusted Advisor Checks