CloudWatch, X-Ray, CloudTrail

Question 1

What are the three main AWS services for monitoring and auditing?

Answer 1

Amazon CloudWatch, AWS X-Ray, AWS CloudTrail

Question 2

What does CloudWatch provide?

Answer 2

Metrics, Logs, Events, Alarms

Question 3

What is the default monitoring frequency for EC2 without detailed monitoring?

Answer 3

Every 5 minutes

Question 4

How often is EC2 monitored with detailed monitoring enabled?

Answer 4

Every 1 minute

Question 5

How do you push custom metrics to CloudWatch?

Answer 5

Use the PutMetricData API

Question 6

What tool can you use to search and analyze logs in CloudWatch?

Answer 6

CloudWatch Logs Insights

Question 7

What are CloudWatch Log Groups and Log Streams?

Answer 7

Log Groups = applications or systems; Log Streams = individual log sources (like EC2 or containers)

Question 8

What is a metric filter in CloudWatch Logs?

Answer 8

A filter to create metrics from specific log patterns

Question 9

What is a common use of CloudWatch Alarms?

Answer 9

Trigger SNS notifications, EC2 actions (stop/reboot/terminate), or Auto Scaling policies

Question 10

What are the three alarm states in CloudWatch?

Answer 10

OK, ALARM, INSUFFICIENT_DATA

Question 11

What is a composite alarm in CloudWatch?

Answer 11

An alarm that combines multiple alarms using logical AND/OR

Question 12

What agent collects additional system-level metrics and logs?

Answer 12

CloudWatch Unified Agent

Question 13

What is the purpose of CloudWatch Synthetics?

Answer 13

Monitor APIs, URLs, or websites using canaries (scripted browser sessions)

Question 14

What does Amazon EventBridge allow you to do?

Answer 14

Create rules to route events from AWS services and SaaS to targets (Lambda, Step Functions, etc.)

Question 15

How can EventBridge help in cross-account scenarios?

Answer 15

Use resource-based policies to share custom event buses

Question 16

What AWS service helps with distributed tracing and performance troubleshooting?

Answer 16

AWS X-Ray

Question 17

What does the X-Ray SDK capture?

Answer 17

AWS SDK calls HTTP requests, DB queries, and queue operations

Question 18

What must a Lambda function have to use X-Ray?

Answer 18

Active Tracing enabled and AWSXRayDaemonWriteAccess IAM permission

Question 19

What are X-Ray sampling rules?

Answer 19

Define how many requests to trace (default is 1 req/sec + 5% of others)

Question 20

Where are CloudTrail logs stored?

Answer 20

Amazon S3 or CloudWatch Logs

Question 21

What does CloudTrail log by default?

Answer 21

Management Events (read/write API calls to AWS services)

Question 22

What are Data Events in CloudTrail?

Answer 22

High-volume data access like GetObject on S3 or Invoke on Lambda

Question 23

What feature in CloudTrail detects unusual activity?

Answer 23

CloudTrail Insights

Question 24

How long does CloudTrail retain events by default?

Answer 24

90 days (in the event history view)

Question 25

What is the difference between CloudWatch and CloudTrail?

Answer 25

CloudWatch monitors system performance; CloudTrail audits API activity