Confusions2

Question 1

Amazon S3 Transfer Acceleration Vs AWS Global Accelerator

Answer 1

Enhances content transfers to and from Amazon S3
Vs
Uses edge locations and AWS global infrastrure for storage and compute for better performance of applications

Question 2

OLTP Vs OLAP which service?

Answer 2

OLTP->Amazon RDS,Amazon DynamoDB
OLAP->Amazon Redshift(DW)

Question 3

AWS Personalize Vs AWS Comprehend Vs AWS Kendra

Answer 3

Amazon Personalize is a machine learning (ML) custom recommendation engines with real-time personalization and user-specific content recommendations
Vs
NLP
Vs
Enterprise document search solution by AWS, enhancing productivity and customer satisfaction

Question 4

Data encryption is automatically enabled for which services?

Answer 4

S3 and Storage Gateway

Question 5

Encryption of data in transit and encryption at rest

Answer 5

EFS

Question 6

Lowest Availability for which storage class?

Answer 6

S3 One Zone-IA

Question 7

Minimum Storage Duration

Answer 7

S3 Standard = NA
S3 Intelligent Tiering = NA
S3 Standard IA=30
S3 One Zone IA=30
S3 Glacier Instant Retrieval = 90
S3 Glacier Flexible Retrieval = 90
S3 Glacier Deep Archive= 180

Question 8

Site to Site VPN what components

Answer 8

Customer Gateway
Virtual Private Gateway/Transit Gateway
Customer gateway device

Question 9

AWS Migration Evaluator

Answer 9

Migration assessment service

Question 10

AWS Transit Gateway
Vs
AWS Customer Gateway
Vs
AWS Internet Gateway
Vs
VPN
Vs
Virtual Private Gateway

Answer 10

Transit Gateway, Virtual Private Gateway and Internet Gateway are on AWS
AWS Customer Gateway is on on-premise
VPN is a connection between AWS and on-premise

VPC<—–>[VPG]—-(vpn)—–[CG]

VPC1,2,3<—->[TG]—-(vpn)—–[CG]

(Internet)——-[IG]<——>VPC

Question 11

What is EFS scope

Answer 11

EFS can be accessed within the same region across all AZs

Question 12

Budget types under Budgets

Answer 12

Cost Budget
Usage Budget
RI Utilization Budgets
RI coverage budgets
Savings Plans utilization budgets
Savings Plans coverage budgets

Question 13

S3 Storage Classes

Answer 13

S3 Standard

S3 Intelligent-Tiering (less availability)

S3 Standard-IA (>=30 days storage duration, retrieval fees, (less availability))

S3 One Zone-IA (>=30 days storage duration, retrieval fees, (least availability))

S3 Glacier Instant Retrieval (>=90 days storage duration, retrieval fees, (less availability))

S3 Glacier Flexible Retrieva(>=90 days storage duration, retrieval fees)

S3 Glacier Deep Archive(>=180 days storage duration, retrieval fees)

Less Availability= 2 3 4 5
Retreival Fee = 3 4 5 6 7
Min storage duration = 3 4 5 6 7
Min Capacity Charge = 3 4 5 6 7

Question 14

VPN

Answer 14

Site-to-Site VPN for hybrid connectivity and Client VPN for remote workforce access

Question 15

Route 53 routing policies

Answer 15

Simple routing
Geolocation routing
Weighted routing
Failover routing

Question 16

Underutilization check using which service

Answer 16

Trusted Advisor and Cost Explorer

Question 17

Create Alerts using which service

Answer 17

AWS CloudWatch, AWS Budgets, AWS EventBridge, AWS User Notifications

Question 18

Tags

Answer 18

For each resource, each tag key must be unique, and each tag key can have only one value

You must activate both AWS generated tags and user-defined tags separately before they can appear in Cost Explorer or on a cost allocation report

Question 19

Separate invoices for different departments

Answer 19

Create separate AWS accounts

Question 20

GeoLocation Vs GeoProximity

Answer 20

Geolocation routing policy — Use when you want to route traffic based on the location of users.

Geo-proximity routing policy — Use when you want to route traffic based on the location of your resources and optionally switch resource traffic at one location to resources elsewhere

Question 21

OpsWork Vs CloudFormation

Answer 21

Application Deployment Vs IaaS

Question 22

Kinesis data stream
vs
data analytics
vs
client library
vs
data firehose

Answer 22

Capture, process and store(Ingestion service) data for consumers
vs
Analytical service using SQL service
vs
Analytical service using SQL KCL (more complex than Anlytical service)
vs
ETL service to load data in data lakes, data stores, and analytics services

Question 23

AWS Cost Explorer Vs AWS Bills Vs AWS Reports

Answer 23

AWS cost explorer gives graphical representation but others not

Question 24

AWS Billing Conductor
Vs
AWS Cost Explorer
Vs
AWS Cost and Usage Report
Vs
AWS Organization

Answer 24

Grouping of accounts for billing and apply custom pricing plans
Vs
Visualize, understand, forcast and manage your AWS costs and usage over time
Vs
Publish your AWS billing reports to an Amazon Simple Storage Service (Amazon S3) bucket that you own. Reports that break down your costs by the hour or day, by product or product resource, or by tags that you define yourself
Vs
If you create multiple accounts, you can use the consolidated billing feature of AWS Organizations to combine all your member accounts under one management account and receive a single bill

Question 25

FSx vs EFS

Answer 25

FSx is designed for Windows workloads, offering fully managed Windows file systems, including Windows-native features like Active Directory integration and Windows ACLs (Access Control Lists). Vs EFS is a managed Network File System (NFS) for Linux-based workloads

Question 26

IoT Greengrass vs IoT Core

Answer 26

IoT Core operates in the cloud, while Greengrass is designed for edge computing, allowing devices to perform computations locally

Question 27

Synchronous Vs Asynchronous Replication

Answer 27

Multi-AZ deployment Vs Read Replicas

Question 28

Routing Table vs ACLs

Answer 28

Route tables control traffic between subnets, specifying how packets should flow within a VPC. ACLs, acting as subnet-level firewalls, determine which packets are allowed to flow in and out of subnets. Route tables focus on routing decisions, directing traffic based on destination IP addresses. ACLs control traffic based on rules, specifying allowed or denied communication between subnets.

Question 29

AWS Data Pipeline vs AWS SQS

Answer 29

Automates the movement and transformation of data, allowing users to define data-driven workflows Vs scalable and fully managed message queuing service for decoupling components of a cloud application, ensuring reliable and asynchronous communication

Question 30

AWS Managed services vs professional services

Answer 30

Managed services are ongoing and typically contracted, addressing daily IT needs comprehensively Vs Professional services offer expertise for specific projects, ensuring optimal implementation and functionality

Question 31

AWS Audit Manager Vs Security Hub

Answer 31

Security Hub conducts automated security checks aligned to different industry and regulatory frameworks. Audit Manager automatically collects the findings generated by these Security Hub checks as a form of evidence and combines them with other evidence, such as AWS CloudTrail logs, to help customers generate assessment reports It is cloud security posture management (CSPM) service Audit Manager helps you manage stakeholder reviews of your controls and enables you to build audit-ready reports with much less manual effort

Question 32

AWS Audit Manager Vs Inspector

Answer 32

AWS Audit Manager: Assists in continuous auditing of AWS usage, automating evidence collection to assess policy compliance and control effectiveness. Vs AWS Inspector: A vulnerability management tool that analyzes AWS workloads, identifying network exposure and software vulnerabilities.

Question 33

AWS workspaces vs appstream

Answer 33

AWS WorkSpaces is a fully managed desktop-as-a-service (DaaS) solution that lets you provide virtual desktops to your users Vs AWS AppStream is a fully managed application streaming service that lets you stream desktop applications to any computer running a web browser

Question 34

AWS PrivateLink Vs AWS DirectConnect

Answer 34

Connects VPCs (using VPC endpoints) to AWS Services or other VPCs in private network connection. Vs Connects On-Premise to AWS in private network connection

Question 35

Stateless Vs Stateful

Answer 35

Configure and more control Vs Ready configured and less control

Question 36

EC2 Image Builder Vs AMI

Answer 36

Service facilitating automated creation, management, and deployment of machine and container images. It simplifies the creation of virtual machines Vs Snapshot of an EC2 instance that includes the operating system and application software EC2 Image Builder can distribute AMIs or container images to any AWS Region

Question 37

AWS Manage Parameter Store Vs Secrets Manager

Answer 37

Designed for centralizing configuration data with only one version and with or without encryption using KMS (Mostly non secret data and no additional charge) Vs Securely storing and managing sensitive information, such as API keys and database credentials which always encrypted with multiple versions(additional charge)

Question 38

PCSFS ( Trusted Advisor) EALS (CAF Life Cycle) BGPPOS (CAF) TPOP (CAF Domains) CORPSS (Well Architected Framework)

Answer 38

Performance, Cost, Security, Fault Tolerance, Service Limits Envision, Align, Launch, Scale Business, Governance, People, Platform, Operations, Security Technology, Process, Organization, Product Cost Optimization, Operational Excellence, Reliability, Performance Efficiency, Security and Sustainability

Question 39

AWS Owned Vs AWS Managed Vs Customer Managed keys

Answer 39

Encryption keys owned by AWS and NOT stored in customer account and used across multiple customer accounts and stored under default key store. Customer cannot access it Vs Encryption keys created, managed, and used on your behalf by an AWS service that is integrated with AWS KMS and stored in customer account under default key store. Customer can access it. Vs Encryption keys you create, own, and manage and stored in customer account under custom key store. Customer can access it.

Question 40

AWS Cognito Vs AWS Identity Center

Answer 40

Social Media Integration and access for Mobile and Web based apps Vs Centralized access and Workforce identity management In short, Amazon Cognito is identity management solution for developers building B2C or B2B apps for their customers, which makes it a customer-targeted IAM and user directory solution. Vs AWS SSO is focused on SSO for employees accessing AWS and business apps, initially with Microsoft AD as the underlying employee directory.

Question 41

Application Discovery Vs Migration Service

Answer 41

Discover on-premises applications to streamline migration Vs Automate application migration and modernization

Question 42

TAM Vs Partner Network Vs Managed Service Provider(MSP) Vs Professional Services

Answer 42

TAM provide architectural and operational guidance under enterprise support plans Vs Consists of MSP(Overall), Competency Partners(Technical) , Service Partners(s/w products) and consulting partners (advisory) Vs MSP provide end-to-end AWS solutions and services at any stage of the cloud journey Vs During cloud Adoption stage provide professional service

Question 43

AWS Backup Vs Data Sync Vs Storage Gateway

Answer 43

Automated backup service within AWS Vs Onpremise to AWS sending of data over internet Vs Accessing AWS storage services on premise + data back capabilities

Question 44

AWS GuardDuty Vs AWS Detective

Answer 44

RealTime Threat Detection Vs Post Incident Analysis