AWS Part 1 (1-100) Flashcards

1
Q

What is AWS?

A

Amazon Web Services

Platform providing on-demand resources for

Hosting web services

Storage

Networking

Databases

Other resources over the internet

Pay as you go pricing

2
Q

What are the components of AWS?

Give me at least 6 of the components.

A

EC2 – Elastic Compute Cloud

S3 – Simple Storage Service

Route53 – DNS service

EBS – Elastic Block Store

CloudWatch

Key-Pairs

(Note: These are a few of the components of AWS)

3
Q

What are Key-Pairs?

What are they, and what are they made of?

A

Secure login info for instances/virtual machines

To connect to instances we use Key-Pairs that have a public-key and private-key

4
Q

What is S3?

What is it, and what is it about?

A

Simple Storage Service

Service that provides interface to store any amount of data, anytime, anywhere

Pay what you use

Pay as you go

5
Q

What are the pricing models for EC2 instances?

5 main models O.R.S.S.D

A

On-Demand

Reserved

Spot

Scheduled

Dedicated

6
Q

What are the types of volumes for EC2 instances?

2 types of volumes…

A

2 types of volumes:

EBS – Elastic Block Stores

Instance Store Volumes

7
Q

What are EBS volumes?

What are they, and what are they about?

A

Elastic Block Stores

Persistent volumes that you can attach to instances

** Your data will be preserved when you stop your instance

** Unlike Instance Store Volumes, where data is deleted after stopping instance

8
Q

What are the types of volumes in EBS?

5 main types of volumes, involving SSD & HDD.
G.P.M.C.T.

A

General Purpose

Provisioned IOPS

Magnetic

Cold HDD

Throughput optimized

9
Q

What are the different types of instances?

5 main types of instances, and think hardware performance.

A

General purpose
Compute Optimized
Storage Optimized
Memory Optimized
Accelerated Computing

10
Q

What is auto-scaling and what are the components?

What is it, and what are the 2 main types of components?

A

Allows you to auto scale-up and scale-down number of instances
Depending on the CPU or Memory usage

2 types of components in Auto-scaling
- Auto-scaling groups
- Launch Configuration

11
Q

What are reserved instances?

A

Instances for which you can reserve a fixed capacity of EC2 instances
Note: With reserved instances you have to enter into a contract of 1 year or 3 years

12
Q

What is an AMI?

What is it, and what is it about? Contains S. L. B.

A

Amazon Machine Image
Template that contains
- software configurations
- launch permission
- block device mapping

Specifies the volume to attach to the instance when launched

13
Q

What is an EIP?

What is it, and what is it about?

A

Elastic IP Address
Designed for dynamic cloud computing
Keep same IP when stopping and starting instances

14
Q

What is CloudWatch?

A

Monitoring tool used to monitor various AWS resources
Examples are health check, network, application, etc

15
Q

What are the types of monitoring in CloudWatch?

A

There are 2 types in CloudWatch:
- Basic Monitoring, that’s free
- Detailed monitoring, that’s chargeable

16
Q

What are the CloudWatch metrics that are available for EC2 instances?

D.D.C.N.N.N.N.C.C.

A
  • Diskreads
  • Diskwrites
  • CPU utilization
  • NetworkPacketsIn
  • NetworkPacketsOut
  • NetworkIn
  • NetworkOut
  • CPUCreditUsage
  • CPUCreditBalance
17
Q

What is the minimum and maximum size of individual objects you can store in S3?

A

The minimum is 0 bytes
The maximum is 5TB

18
Q

What are the different storage classes (levels) in S3?

A
  • Standard (Frequently Accessed)
  • Standard Infrequently Accessed
  • One-Zone Infrequently Accessed
  • Glacier
  • RRS - Reduced Redundancy Storage
19
Q

What is the default storage class in S3?

A

That would be Standard (Frequently Accessed)

20
Q

What is Glacier?

A

Back up or Archival tool used to back up data in S3

21
Q

How can you secure the access to your S3 bucket?

2 ways available here…

A

2 ways available:
- ACL - Access Control Lists
- Bucket policies

22
Q

How can you encrypt data in S3?

A
  • Server Side Encryption - S3 (AES 256 encryption)
  • Server Side Encryption - KMS (Key Management Service)
  • Server Side Encryption - C (Client Side)
23
Q

What are the parameters for S3 pricing?

5 things mentioned here
S.S.N.D.T

A
  • Storage used
  • Storage management
  • Number of requests you make
  • Data transfer
  • Transfer acceleration
24
Q

What is the pre-requisite to work with Cross region replication in S3?

2 main things mentioned here

A

Enable versioning on both the source bucket and the destination bucket
Source and destination buckets should be in different regions

25
Q

What are Roles?

A
  • Used to provide permissions to entities you trust within your AWS account
  • Roles are users in another account
  • Roles are similar to users, but you do not need to create any username and password to work with the resources
26
Q

What are policies and what are the types of policies?

A

Policies are permissions you attach to users/groups that are created for specific access

2 types of policies:
- Managed policies (Standalone, created and administered by AWS)
- Inline policies (Embedded script by user into an IAM entity (User, Group, or Role))

27
Q

What is CloudFront?

A

AWS web service that provides businesses and app developers an easy and efficient way to distribute content
- with low latency and high data transfer speeds

CloudFront is the content delivery network of AWS

28
Q

What are edge locations?

A

Place where content is cached
When a user tries to access some content, the content is first looked for in the edge location

If it’s not available, the content is served from the original location
- A copy is then stored in the edge location

29
Q

What is the max individual archive that you can store in Glacier?

A

Max individual archive is up to 40TB

30
Q

What is VPC?

Config for I.S.I.N.S.

A

Virtual Private Cloud
Network logically isolated from other networks
Allows you to easily customize network configuration for:
- IP address range
- Subnets
- Internet gateways
- NAT gateways
- Security groups

31
Q

What is VPC peering connection?

A

Allows you to connect 1 VPC with another VPC
Behave as if in same network this way

32
Q

What are NAT gateways?

A

Network Address Translation
NAT gateways enable instances in a private subnet to connect to internet but prevent internet from initiating connection with those instances

33
Q

How can you control the security to your VPC?

2 ways mentioned here…

A

Can use Security groups and NACLs

NACL = Network Access Control List

34
Q

What are the different types of storage gateway?

3 types F.V.T.

A

3 types:
- File gateway
- Volume gateway
- Tape gateway

35
Q

What is a Snowball?

A

Data transport solution using source appliances to transfer large amounts of data into and out of AWS
- Reduces network costs, long transfer times
- Provides better security

36
Q

What are the database types in RDS?

A.O.M.P.M.S.

A
  • Aurora
  • Oracle
  • MySQL server
  • PostgreSQL
  • MariaDB
  • SQL server
37
Q

What is Redshift?

A

Data warehouse product in the cloud
- Fast and powerful
- Fully managed
- Petabyte scale

38
Q

What is SNS?

A

Simple Notification Service
Web service that makes it easy to get notification from the cloud

Can set up SNS to receive email notification or message notification

39
Q

What are the types of routing policies in Route53?

S.L.F.G.W.MA

A
  • Simple routing
  • Latency routing
  • Failover routing
  • Geolocation routing
  • Weighted routing
  • Multivalue answer
40
Q

What is the max size of messages in SQS?

A

Max size of messages in SQS is 256kb

41
Q

What are the types of queues in SQS?

2 types

A
  • Standard queue
  • FIFO (First In First Out)
42
Q

What is multi-AZ RDS?

A

Multi Availability Zone for replica of production database in another AZ

Used for disaster recovery and exact copy of database with auto failover

43
Q

What are the types of backups in RDS database?

2 types

A

2 types of backups:
- Automated
- Manual (Snapshots)

44
Q

What is the difference between security groups and network access control list?

A

Security Groups & Network access control list
(see screenshot)

45
Q

What are the types of Load Balancers in EC2?

3 types
A.N.C LB

A

3 types:
- Application load balancer
- Network load balancer
- Classic load balancer

46
Q

What is an ELB?

E.C.I.

A

Elastic Load Balancing

Auto distributes incoming app or network traffic across multiple targets like:
- EC2
- Containers
- IP addresses

Containers provide a standard way to package your application’s code, configurations, and dependencies into a single object. Containers share an operating system installed on the server and run as resource-isolated processes, ensuring quick, reliable, and consistent deployments, regardless of environment.

47
Q

What are the 2 types of access that you can provide when you are creating users?

A
  • Programmatic
  • Console
48
Q

What are the benefits of auto-scaling?

3 things mentioned here to be better (F.A.C.)

A
  • Better fault tolerance
  • Better Availability
  • Better cost management
49
Q

What are security Groups?

A

Acts as firewall that controls traffic for one or more instances

One or more SGs can be associated to instances

Can add rules to each SG that allow traffic to and from instances

New rules are automatically and immediately applied to all instances in the group

50
Q

What are shared AMIs?

A

AMI created by one developer and made available for other developers to use

51
Q

What is the difference between the classic load balancer and application load balancer?

P.L.

A

Dynamic Port Mapping
Multiple port listeners are used in Application Load Balancer
One port listener is achieved via Classic Load Balancer

Classic Load Balancer expired Aug 15th, 2022.

52
Q

By default, how many IP addresses does AWS reserve in a subnet?

A

5

53
Q

What is meant by subnet?

A

A large section of IP addresses is divided into chunks, which are known as subnets

54
Q

How can you convert a public subnet to private subnet?

A

Remove IGW and add NAT gateway
Associate subnet in Private route table

55
Q

Is it possible to reduce an EBS volume?

A

No, we can increase it but not reduce a volume

56
Q

What is the use of elastic IP, are they charged by AWS?

A

These are IPv4 addresses, which are used to connect to the instance from the internet
They are charged if they are not attached to an instance

57
Q

One of my S3 buckets was deleted, but I need to restore it. Is there any way possible?

A

Yes, if versioning has been enabled. Very easily, if so.

58
Q

When I try to launch an EC2 instance I am getting Service limit exceeded. How can I fix this issue?

A

By default, AWS offers service limit of 20 running instances per region

To fix the issue, we need to contact AWS support to increase the limit based on the requirement

59
Q

I need to modify the EBS volumes in Linux and Windows. Is it possible?

A

Yes.

From console, use modify volumes in section, and give the size you need
Linux = Mount it to achieve the modification
Windows = Go to Disk Management

60
Q

Is it possible to stop an RDS instance. If so, how can I do that?

A

Yes, it is possible.

For instances which are not in production and are non-Multi-AZ

61
Q

What is meant by parameter groups in RDS? What is the use of it?

A

AWS offers a wide set of parameters in RDS as parameter groups, which are modified as per requirement

62
Q

What is the use of Tags and how are they useful?

A

Used for identification and grouping AWS resources

63
Q

I am viewing an AWS console, but unable to launch the instance. I am receiving an IAM error. How can I rectify it?

A

No access, and need permissions to use it

64
Q

I don’t want my AWS account ID to be exposed to users. How can I avoid it?

A

By creating an Alias in IAM settings, creates different sign-in URL

65
Q

By default, how many Elastic IP addresses does AWS offer?

A

5 elastic IP’s per region

66
Q

You have enabled sticky sessions with ELB. What does it do with your instance?

A

Binds the user session with a specific instance

67
Q

Which type of load balancer makes routing decisions at either the Transport layer or the Application layer, and supports either EC2 or VPC?

A

Classic Load Balancer

68
Q

Which virtual network interface can you attach to an instance in a VPC?

A

ENI - Elastic Network Interface

69
Q

You have launched a Linux instance in AWS EC2. While configuring security group, you have selected SSH, HTTP, HTTPS protocol. Why do we need to select SSH?

A

To verify there is a rule that allows traffic from EC2 instance to your computer

70
Q

You have chosen a Windows instance with Classic and you want to make some change to the Security Group. How will these changes be effective?

A

Changes are automatically applied to Windows instances

71
Q

Load Balancer and DNS service comes under which type of cloud service?

Hint= 4 letters and a mode

A

IAAS-Storage

IAAS = Infrastructure as a Service

72
Q

You have an EC2 instance that has an unencrypted volume. You want to create another Encrypted volume from this unencrypted volume. What are the steps to achieve this?

A

Create a snapshot of the unencrypted volume, applying encryption parameters

Copy the Snapshot and create a volume from the copied Snapshot

73
Q

Where does the user specify the maximum number of instances with the auto-scaling commands?

A

The Auto-scaling Launch Configuration

74
Q

Which are the types of AMI provided by AWS?

2 main types discussed here

A

Instance Store and EBS

EBS = Elastic Block Storage

75
Q

After configuring ELB, you need to ensure that the user requests are always attached to a Single instance. What setting can you use?

A

Sticky Session

76
Q

When do I prefer Provisioned IOPS over the standard RDS storage?

A

If you have batch-oriented workloads

77
Q

I am running my DB instance with Multi-AZ deployments. Can I use the DB instance for read/write operation along with primary DB instance?

A

Primary DB instance does not work!

78
Q

Which AWS service will you use to collect and process e-commerce data for near real-time analysis?

A

Amazon DynamoDB

79
Q

A company is deploying a new two-tier web app in AWS. The company has limited staff and requires high availability. The application requires complex queries and table joins. Which config provides the solution for the company’s requirements?

A

A web app provided on DynamoDB is the solution

80
Q

Which statement has use cases that are suitable for Amazon DynamoDB?

A

The storing of metadata for S3 objects

The running of relational joins and complex updates

81
Q

Your app has to retrieve data from your user’s mobile every 5 minutes, and then data is stored in the DynamoDB. Later every day at the particular time the data is extracted into the S3 on a per user basis. Your app is later on used to visualize the data to user.

You are asked to optimize the architecture of the backend system to lower the cost. What would you recommend doing?

A

Introduce Amazon Elasticache to cache the reads from Amazon DynamoDB table, and to reduce the provisioned read throughput

82
Q

You are running a website on EC2 instances that are deployed across multiple AZ’s with a Multi-AZ RDS MySQL Extra Large DB instance, etc.

The site performs a high number of small reads and writes per second and relies on the Eventual Consistency model. After comprehensive tests you find that there is read contention on RDS MySQL.

Which are the best approaches to meet these requirements?

3 things to do…

A
  1. ElastiCache enabled per AZ
  2. Increase the RDS MySQL instance size
  3. Implement provisioned IOPS
83
Q

A Startup is running a pilot deployment of 100 sensors to measure the street noise and air quality in urban areas for 3 months.

It was noted that every month around 4GB of sensor data is generated. Company uses a load balanced auto-scaled layer of EC2 instance and an RDS database with 500GB standard storage.

The pilot was successful, and now they want to deploy 100k sensors to support the backend. You need the data stored for at least 2 years to be analyzed. Which setup of the following would be preferred?

A

Replace the RDS instance with a 6 node Redshift cluster with 96TB of storage

84
Q

Let us suppose you have an app where you have to render images and also some general computing. Which service will best fit your need?

A

Use an Application Load Balancer

85
Q

How will you change the instance type for the instances that are running your applications tier, and using auto-scaling? Where is the area to change this?

A

Change Auto-scaling Launch Configuration areas

86
Q

You have a content management system running on an EC2 instance, and it is approaching 100% CPU usage. Which option will reduce load on the EC2 instance?

A

Create a load balancer and register the EC2 instance for it

87
Q

What does connection draining do?

A

Re-routes traffic from the instances which are to be updated (or) failed a health-check

88
Q

When the instance is unhealthy, then it needs to be terminated and replaced with a new one. Which of the services does that?

A

Fault Tolerance

89
Q

What are lifecycle hooks used for in auto-scaling?

A

They are used to put additional wait time to the scale in or scale out events

90
Q

A user has set up an auto-scaling group. Due to some issue, the group has failed to launch a single instance for more than 24 hours.

What will happen to the auto-scaling in this condition?

A

Auto-scaling will SUSPEND the scaling process

91
Q

You have an EC2 Security Group with several running EC2 instances. You changed the Security Group rules to allow inbound traffic on a new port and protocol. Then you launched several new instances of the same Security Group.

When will the new rules be applied?

A

Immediately to all instances in the Security Group

92
Q

To create a mirror image of your environment in another region for disaster recoveries, which of the following AWS resources do NOT need to be recreated in second region?

A

Route53 Record Sets

93
Q

Customer wants to capture all client connections to get info from his Load Balancers at an interval of 5 min only. Which select option should he choose for his application?

Hint: it’s in the cloud, so…

A

Enable AWS CloudTrail for the load balancers

94
Q

Which of the services would you NOT use to deploy an app?

A

Lambda app is not used to deploy

95
Q

How does Elastic Beanstalk apply updates?

A

By using a duplicate ready with updates prepared before swapping

96
Q

You created a key in the Oregon region to encrypt data in the North Virginia region for security purposes. You added 2 users to the key and the external AWS account.

You wanted to encrypt an object in S3, but when trying, the key that is just created is not listed.

What could be reason and solution?

A

The key should be working in the same region

97
Q

A company needs to monitor read/write IOPS for AWS MySQL RDS instances, then send real-time alerts to the operations team.

Which AWS service can be used to accomplish this?

A

Amazon CloudWatch

What is CloudWatch?
AWS CloudWatch is a suite of monitoring tools built into one AWS service. In this post, we’ll explore each major component of CloudWatch and explain why one would consume the Metrics, Alarms, Logs, and Events available within this useful service. Before we explore the many faces of CloudWatch, let’s find out more about CloudTrail.

What is AWS CloudTrail?
AWS CloudTrail is a log of every single API call that has taken place inside your Amazon environment. Each call is considered an event and is written in batches to an S3 bucket. These CloudTrail events show us details of the request, the response, the identity of the user making the request, and whether the API calls came from the AWS Console, CLI, some third-party application or other AWS Service.

98
Q

An organization that is currently using consolidated billing has recently been acquired by another company that already has a number of AWS accounts.

How could an admin ensure that all AWS accounts are billed to a single account?

From both existing company and acquired company

A

AWS Organization - All invites acquired by the company’s AWS account joins new existing company

99
Q

User has created application, which will be hosted on the EC2. The app makes calls to DynamoDB to fetch certain data. The app is using the DynamoDB SDK to connect with EC2 instance.

Which is best practice for security in this scenario?

A

Should attach IAM Role with the DynamoDB access to EC2 instance

100
Q

You have an app running on an EC2 instance, which will allow users to download files from a private S3 bucket using a pre-signed URL. Before generating the URL, the app should verify the existence of the file in S3.

How does the app use the AWS creds to access S3 bucket securely?

A

Create an IAM role for EC2 that allows list access to objects in S3 buckets.

Launch instance with this Role, and retrieve Role’s credentials from EC2 instance metadata