CloudFront & AWS Global Accelerator Flashcards

1
Q

What is a CDN

A

Content Delivery Network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  • Improves read performance, content is cached at the edge
  • 216 Point of Presence globally (edge locations)
  • DDoS protection, integration with Shield, AWS Web Application Firewall
A

AWS CloudFront

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A (blank) attack takes place when a bad actor overwhelms a server with malicious internet traffic to prevent legitimate users from accessing
applications, services, and networks

A

DDoS (Distributed Denial of Service)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the CloudFront origins?

A

S3 bucket & Custom Origin (HTTP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Allow users to access content from certain countries

A

Whitelist

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Prevent users from accessing content from certain countries

A

Blacklist

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Use case: Copyright Laws to control access to content

A

Geo Restriction

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
  • Global Edge network
  • Files are cached for a TTL (maybe a day)
  • Great for static content that must be available everywhere
A

CloudFront

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
  • Must be setup for each region you want replication to happen
  • Files are updated in near real-time
  • Read only
  • Great for dynamic content that needs to be available at low-latency in few regions
A

S3 Cross Region Replication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

•Allow access to a path, no matter
the origin

• Account wide key-pair, only the root
can manage it

  • Can filter by IP, path, date, expiration
  • Can leverage caching features
A

CloudFront Signed URL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  • Issue a request as the person who (blank)
  • Uses the IAM key of the signing IAM principal
  • Limited lifetime
A

S3 Pre-Signed URL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How can you reduce cost for CloudFront?

A

Reduce the # of edge locations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How many price classes for CloudFront are there? What are they?

A
  1. All
  2. 200
  3. 100
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

All

What CloudFront price class is this?

A

All regions - best performance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

200

What CloudFront price class is this?

A

Most regions, but excludes most expensive regions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

100

What CloudFront price class is this?

A

Only the least expensive regions

17
Q

One server holds one IP

A

Unicast IP

18
Q

All servers hold the same IP address and the client is routed to the nearest one

A

Anycast IP

19
Q

The Anycast IP will send traffic directly where?

A

Edge Locations

20
Q

Leverage the AWS internal network to route to your application

A

AWS Global Accelerator

21
Q
  • Improves performance for a wide range of applications over TCP or UDP
  • Proxying packets at the edge to applications running in one or more AWS Regions.
  • Good fit for non-HTTP use cases, such as gaming (UDP), loT (MQTT), or Voice over IP
  • Good for HTTP use cases that require static IP addresses
  • Good for HTTP use cases that required deterministic, fast regional failover
A

AWS Global Accelerator

22
Q

A communications standard that enables application programs and computing devices to exchange messages over a network.

It is designed to send packets across the internet and ensure the successful delivery of data and messages over networks.

A

TCP (Transmission Control Protocol)

23
Q

Used for communication throughout the internet. It is specifically chosen for time-sensitive applications like gaming, playing videos, or Domain Name System lookups

Results in speedier communication because it does not spend time forming a firm connection with the destination before transferring the data

A

UDP (User Datagram Protocol)

24
Q
  • Improves performance for both cacheable content (such as images and videos)
  • Dynamic content (such as API acceleration and dynamic site delivery)
  • Content is served at the edge
A

CloudFront

25
What feature allows you to securely distribute paid content?
CloudFront Signed URL
26
A special CloudFront user that you can associate with Amazon S3 origins, so that you can secure all or just some of your S3 content
Origin Access Identity (OAI)
27
What should you use when you want to access hundreds (multiple files) of private files served by your CloudFront distribution?
CloudFront Signed Cookies
28
AWS Global Accelerator will provide us with what?
2 static IP addresses
29
An ALB will provide us with what?
HTTP routing rules
30
What CloudFront feature allows you to securely distribute paid content?
CloudFront Signed URL