Cloud Computing

Question 1

What is Cloud Computing?

Answer 1

1. On-demand self service - ability to provide servers, networks, storage, on-demand when services are needed. Without any human intervention or interaction.
2. Access to network - Network connectivity to access and build through HTTP, HTTPS, VPN, CLI, SSH, etc
3. Resource pooling - Pool resources to serve multiple consumers. AWS offers thousands of servers, DBs, and more on-demand. Location of these resources is unknown.
4. Elasticity - Ability to scale on-demand
5. Resource usage monitored and billed - No need to estimate demands, we only pay for what we use.

Question 2

What is Public Cloud

Answer 2

Cloud resources owned and operated by a thirdparty cloud service provider delivered over the Internet.

Question 3

What is Private Cloud

Answer 3

Cloud services used by a single organization, not exposed to the public.
Complete control
Security for sensitive applications
Meet specific business needs

Question 4

Hybrid Cloud

Answer 4

Keep some servers on premises and extend some capabilities to the Cloud
Control over sensitive assets in your private infrastructure
Flexibility and costeffectiveness of the public cloud

Question 5

Six Advantages of Cloud Computing

Answer 5

Trade capital expense (CAPEX) for operational expense (OPEX)
Pay On-Demand: don’t own hardware
Reduced Total Cost of Ownership (TCO) & Operational Expense (OPEX)
Benefit from massive economies of scale
Prices are reduced as AWS is more efficient due to large scale
Stop guessing capacity
Scale based on actual measured usage
Increase speed and agility
Stop spending money running and maintaining data centers
Go global in minutes: leverage the AWS global infrastructure

Question 6

Problems solved by the Cloud

Answer 6

Flexibility: change resource types when needed
Cost-Effectiveness: pay as you go, for what you use
Scalability: accommodate larger loads by making hardware stronger or adding additional nodes
Elasticity: ability to scale out and scale-in when needed
High-availability and fault-tolerance: build across data centers
Agility: rapidly develop, test and launch software applications

Question 7

Types of Cloud Computing

Answer 7

Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)

Question 8

Infrastructure as a Service (IaaS)

Answer 8

Provide building blocks for cloud IT
Provides networking, computers, data storage space
Highest level of flexibility
Easy parallel with traditional on-premises IT

Question 9

Platform as a Service (PaaS)

Answer 9

Removes the need for your organization to manage the underlying infrastructure
Focus on the deployment and management of your applications

Question 10

Software as a Service (SaaS)

Answer 10

Completed product that is run and managed by the service provider

Question 11

What is edge location

Answer 11

Also known as AWS Points of Presence
Caches AZ contents and ensures low latency by placing content closer to users
Amazon has 216 Points of Presence (205 Edge Locations & 11 Regional Caches) in 84 cities across 42 countries
netflix

Question 12

What is a local zone

Answer 12

It is an extension of a local region
lower latency like for gamers

Question 13

How to choose an AWS Region?

Answer 13

Compliance with data governance and legal requirements: data never leaves a region without your explicit permission
Proximity to customers: reduced latency
Available services within a Region: new services and new features aren’t available in every Region
Pricing: pricing varies region to region and is transparent in the service pricing page

Question 14

Are most AWS services region-scoped?

Answer 14

Yes

Question 15

What is an AWS region?

Answer 15

A region is a cluster of data centers

Question 16

What is high availability?

Answer 16

Desig for minimal downtime.

Question 17

what is designing for fault tolerance?

Answer 17

Desigining for zero downtime

Question 18

what is designing for disaster recovery?

Answer 18

Desiginig a system to operate through a disaster

Question 19

What are the AWS well-architected framework pillars?

Answer 19

Operational excellence - the ability to support development and run workloads effectively, gain insight into their operations, and to continuously improve supporting processes and procedures to deliver business value.
Security -
Reliability -
Performance efficiency
Cost optimization
Sustainability

Question 20

Migration strategries to the cloud

Answer 20

7Rs
Retire
Retain
Rehost - lift and shift
Relocate - lg # of servers that are made up of one or more applications
Repurchase - drop and shop, get a different version of an app that provides better value
Replatform - lift - tinker - shift
Refactor or re-architect - a whole change using aws services

Question 21

Amazon RDS and DynamoDB

relational or non-relational DBs?

Answer 21

DynamoDB - non-SQL
RDS - SQL

Question 22

What is a hybrid environment?

Answer 22

Using on‑premises data centers together with AWS—but not necessarily using private cloud technology. (This is different from hybrid cloud.)

Question 23

Why might an organization choose to keep some resources on‑premises?

Answer 23

Compliance, latency requirements, legacy systems, data residency rules, or gradual migration strategy.

Question 24

What defines an AWS public service?

Answer 24

A service accessible through the public internet (via the AWS public zone).
Example: Amazon S3.

Question 25

What defines an AWS private service?

Answer 25

A service that lives inside the AWS private zone with no default connection to the public internet. Example: EC2 instances inside a VPC.

Question 26

How do EC2 instances inside a VPC gain access to the public internet?

Answer 26

Through configuration such as assigning a public IP and routing traffic through an Internet Gateway.

Question 27

What are the three main ways to connect to AWS?

Answer 27

AWS CLI AWS Management Console - UI AWS - SDK

Question 28

What is an AWS VPN connection?

Answer 28

A secure, encrypted connection over the public internet from on‑premises to AWS.

Question 29

What is AWS Direct Connect?

Answer 29

A private, dedicated network connection from the customer’s data center to AWS. Keyword: Dedicated = Direct Connect.

Question 30

When is Direct Connect preferred over VPN?

Answer 30

When you need consistent high bandwidth, low latency, or private connectivity without traversing the public internet.

Question 31

What connects a public EC2 instance in a public subnet to the internet—an Internet Gateway or a NAT Gateway?

Answer 31

An Internet Gateway.

Question 32

What is the function of a NAT Gateway?

Answer 32

Allows outbound internet traffic from private subnets while preventing inbound connections from the public internet. Network Address Translation

Question 33

What is the primary purpose of an Amazon VPC in AWS?

Answer 33

A VPC provides an isolated, customizable virtual network environment where you launch AWS resources.

Question 34

What is the role of a subnet inside a VPC?

Answer 34

Subnets segment the VPC network and allow you to group resources into public or private zones.

Question 35

How does a public subnet differ from a private subnet in AWS?

Answer 35

A public subnet has a route to the Internet Gateway, while a private subnet does not.

Question 36

What purpose does an Internet Gateway serve in a VPC?

Answer 36

It allows communication between the VPC and the public internet.

Question 37

Why is a NAT Gateway used with private subnets?

Answer 37

To enable outbound internet access for instances in private subnets while preventing inbound internet connections.

Question 38

How do network ACLs differ from security groups?

Answer 38

Network ACLs are stateless and operate at the subnet level; security groups are stateful and operate at the instance or ENI level.

Question 39

Why are security groups considered stateful?

Answer 39

Because a return rule is automatically allowed if the inbound or outbound rule exists—no separate rule is needed.

Question 40

Why might you use AWS Direct Connect instead of an internet‑based VPN?

Answer 40

For a dedicated, private, lower‑latency connection between on‑premises infrastructure and AWS.

Question 41

What is the purpose of an AWS Site‑to‑Site VPN?

Answer 41

To provide secure, encrypted connectivity over the public internet between on‑premises networks and AWS.

Question 42

What type of traffic do network ACLs control?

Answer 42

Inbound and outbound traffic at the subnet boundary.

Question 43

Why does AWS recommend placing publicly accessible resources in a public subnet?

Answer 43

Because public subnets support direct inbound and outbound internet traffic via an Internet Gateway.

Question 44

When should private subnets be used?

Answer 44

When deploying resources that should not be exposed directly to the public internet—such as databases and internal services.

Question 45

How does AWS ensure that Availability Zones stay isolated in a VPC?

Answer 45

Each subnet exists entirely within a single Availability Zone.

Question 46

what is stateful?

Answer 46

“Remembers you” 🧠 Security Group → Stateful Great for controlling what each instance or resource can access Automatically handles return traffic Most commonly used filtering tool in AWS Used on EC2 instances and ENIs

Question 47

what is stateless?

Answer 47

Stateless = “Remembers nobody” ❌🧠 NACL → Stateless Protect subnets Act like a big outer wall Good for extra security layers Harder to manage because you must add rules both ways

Question 48

EC2 instance type General purpose

Answer 48

General purpose instances provide a balanced mix of compute, memory, and networking resources. They are ideal for diverse workloads, like web services, code repositories, and when workload performance is uncertain.

Question 49

EC2 instance type Compute optimized

Answer 49

Compute optimized instances are ideal for compute-intensive tasks, such as gaming servers, high performance computing (HPC), machine learning, and scientific modeling.

Question 50

EC2 instance type Memory optimized

Answer 50

Memory optimized instances are used for memory-intensive tasks like processing large datasets, data analytics, and databases. They provide fast performance for memory-heavy workloads.

Question 51

EC2 instance type Accelerated computing

Answer 51

Accelerated computing instances use hardware accelerators, like graphics processing units (GPUs), to efficiently handle tasks, such as floating-point calculations, graphics processing, and machine learning.

Question 52

EC2 instance type Storage optimized

Answer 52

Storage optimized instances are designed for workloads that require high performance for locally stored data, such as large databases, data warehousing, and I/O-intensive applications.

Question 53

On-Demand Instances:

Answer 53

Pay only for the compute capacity you consume with no upfront payments or long-term commitments required.

Question 54

Reserved Instances:

Answer 54

Get a savings of up to 75 percent by committing to a 1-year or 3-year term for predictable workloads using specific instance families and AWS Regions.

Question 55

Spot Instances:

Answer 55

Bid on spare compute capacity at up to 90 percent off the On-Demand price, with the flexibility to be interrupted when AWS reclaims the instance.

Question 56

Savings Plans:

Answer 56

Save up to 72 percent across a variety of instance types and services by committing to a consistent usage level for 1 or 3 years.

Question 57

Dedicated Hosts:

Answer 57

Reserve an entire physical server for your exclusive use. This option offers full control and is ideal for workloads with strict security or licensing needs.