Content Delivery

Question 1

CDN

Answer 1

Content Delivery Network is a global network of interconnected servers that ensures your website’s content reaches users quickly.
If one server is down or overwhelmed, the CDN automatically reroutes requests to the next closest server.
This ensures your website remains available and performs consistently, regardless of traffic spikes or server issues.

Question 2

Amazon CloudFront

Answer 2

It is a Content Delivery Network (CDN)
Charges for data transfers, but the first terabyte is free
caching your content in multiple data centers, known as edge locations, all over the world.
It integrates with AWS Shield for DDoS protection, and AWS Web Application Firewall, or WAF, to safeguard your site from common web exploits.
Works to protect the transfer of sensitive data, such as credit card information

Question 3

Amazon Global Accelerator

Answer 3

Uses edge locations to find an optimal pathway to the nearest regional endpoint.
Some benefits of AWS Global Accelerator are improved performance.
Propels user traffic through Amazon’s congestion-free global network.
Global Accelerator provides two global static public IPs
that act as a fixed entry point to your application endpoints.

Simplifies traffic management across multiple regions acting as a single entry point, and thus reducing the complexity of handling global network traffic.

Includes DDOs protection

Question 4

What are VPCs and Public Subnets

Answer 4

A Virtual Private Cloud (VPC) is a logically isolated section where you can launch AWS resources in a virtual network that you define. Public Subnets are accessible from the internet, while private subnets are used for internal resources like databases.

Question 5

What are Route Tables

Answer 5

Route tables control the flow of traffic within the VPC

Question 6

Internet Gateway

Answer 6

An Internet Gateway (IGW) enables communication between instances in your Virtual Private Cloud (VPC) and the internet. It is a horizontally scaled, redundant, and highly available VPC component that allows traffic to flow between your VPC and the internet.

Question 7

What are NACLs

Answer 7

NACLs or network access control lists operate at the subnet level, they are in charge of traffic in the subnets
They’re stateless and they offer an additional layer of security.
“Stateless” refers to a type of network device or security mechanism that treats each packet of data independently, without retaining any information about previous packets.

Question 8

Route 53

Answer 8

Amazon DNS - Domain Name System. It also provides domain name registration and health checking web services.
Translating domain names into IP addresses.

Question 9

What Route 53 can do?

Answer 9

It uses a variety of routing methods, including geolocation routing, latency-based routing, and weighted round-robin routing, which allows you to send a small portion of traffic
to a server.
It automatically routes traffic away from failed or unhealthy endpoints to ensure continued availability and performance.
Route 53 can distribute incoming application traffic
across multiple targets such as EC2 instances,
containers, and IP addresses.

Question 10

Site-to-site VPN

Answer 10

• Creates a secure connection between your data center or branch office and your AWS environment.
• Extends your network to the AWS Cloud as if it were part of your own data center.

Question 11

AWS client VPN

Answer 11

• Managed client-based VPN service.
• Provides secure access to AWS resources or private networks from any location.
• Ideal for remote users, such as employees connecting from outside the office.

Question 12

AWS Direct Connect

Answer 12

It is like a private connection to AWS without using the internet.
1. High-speed data transfer
- Provides dedicated network capacity.
- Significantly boosts data transfer speed.
- Ideal for large-scale data migrations, disaster recovery, or real-time data feeds.
2. Reduced bandwidth costs
- Bypasses the public internet.
- Lowers overall network costs for heavy data transfer.
3. Reliable and private connection
- Offers a stable and secure path.
- Minimizes risks associated with internet connectivity issues like latency and potential threats.
- Enhances security for sensitive data.

Question 13

When to use AWS Direct Connect?

Answer 13

Large-scale data transfer requirements.
Consistent network performance is crucial.
Enhanced security for sensitive data.

Question 14

When to use AWS VPN?

Answer 14

• Flexible remote access is required.
• Cost-effective solution for smaller data loads.
• Quick and easy setup for temporary or urgent requirements.

Question 15

Which feature of Amazon Route 53 helps to manage traffic for your application based on various criteria, such as geographic location?

Answer 15

Route 53 traffic flow is a feature of Amazon Route 53 that allows you to manage how traffic is routed to your application.

Question 16

Which scenario best utilizes AWS Global Accelerator?

Answer 16

To optimize global application performance by routing user traffic through AWS’s global network

Question 17

What is the primary role of an internet gateway in an Amazon VPC?

Answer 17

To enable communication between instances in the VPC and the internet

Question 18

What is the primary function of a CDN like Amazon CloudFront?

Answer 18

The primary function of a CDN like Amazon CloudFront is to deliver content globally with low latency and high transfer speeds.

Question 19

What is the main role of DNS services like Amazon Route 53?

Answer 19

DNS services like Amazon Route 53 route end users to applications running on AWS by resolving domain names to IP addresses.

Question 20

What is a primary purpose of Amazon Virtual Private Cloud (VPC)?

Answer 20

Amazon VPC allows users to create a logically isolated section of the AWS cloud for deploying AWS resources.

Question 21

Which feature is a key aspect of Amazon Route 53?

Answer 21

A key aspect of Amazon Route 53 is managing DNS records and routing internet traffic to the appropriate location.

Question 22

When is AWS Direct Connect the preferred choice over VPN?

Answer 22

When a high-capacity, dedicated data transfer path is needed

Question 23

What is the primary function of security groups in an Amazon VPC?

Answer 23

Security groups act as virtual firewalls for EC2 instances, controlling inbound and outbound traffic.

Question 24

Which feature of Amazon Route 53 helps to manage traffic for your application based on various criteria, such as geographic location?

Answer 24

Traffic flow

Question 25

DB types

Answer 25

Relational database is organized into rows and columns (Amazon RDS) NoSQL database, these key value pairs allow for a flexible and intuitive way to store and retrieve data (organized key and value, but value can be several values) (DynamoDB) In-memory databases. store data in the computer's main memory or RAM instead of slower disk-based storage. This means they can read and write data much faster than traditional databases. (Amazon ElastiCache and Reddis) Graph databases, they excel in handling data with complex relationships and interconnections, making them ideal for certain types of applications like fraud detection, recommendation systems, or drug discovery. (Amazon Neptune)

Question 26

What is DMS

Answer 26

Database Migration Service

Question 27

Database Migration Service characteristics

Answer 27

- Minimal downtime. You're able to continuously replicate your data during migration, keeping the source database operational. - It's reliable. DMS is self-healing with constant monitoring. It restarts automatically after interruptions and offers Multi-AZ for high availability. - Database consolidation. You can consolidate multiple databases into one, supporting both homogeneous and heterogeneous migrations across various locations.

Question 28

What is SCT

Answer 28

Schema Conversion Tool or SCT helps convert the database schema, which is the blueprint of how the database is constructed of your source database into a format compatible with AWS target databases. SCT examines and understands your existing database architecture, then creates a new schema for your target AWS database. It not only converts the schema, but also helps in transforming the database code, including stored procedures, functions, and views to be AWS compatible.

Question 29

Dynamo DB

Answer 29

- No SQL service, perfect for flexible, scalable, and fast data management. - Used in web apps, gaming, IoT and more for its low latency and high performance. - Features: - Scalability - Performance - Security - Restoreability.

Question 30

MemoryDB, Elastic Cache, and Redis

Answer 30

Memory DB: A super-fast notebook for storing and finding information quickly. Elastic Cache: A special toy box for quickly grabbing your favorite toys (information). Redis: A magical toy box that organizes and stores your toys (information) in a very smart and efficient way.

Question 31

Which AWS service is a fully managed graph database?

Answer 31

Amazon Neptune

Question 32

Amazon RDS differs from Amazon DynamoDB

Answer 32

Provides managed relational database services.

Question 33

Which feature is unique to AWS Database Migration Service (DMS)?

Answer 33

Continuous data replication during migration.

Question 34

What feature distinguishes Amazon RDS from other database services?

Answer 34

It is a managed relational database service.

Question 35

What is a key advantage of using Amazon DynamoDB for web applications?

Answer 35

Low-latency data access.

Question 36

Which AWS service offers an in-memory database?

Answer 36

Amazon MemoryDB for Redis.

Question 37

For which use case is Amazon MemoryDB most suitable?

Answer 37

ElasticCache, Redis. Real-time analytics and caching.

Question 38

Amazon DynamoDB is best suited for which scenario?

Answer 38

DynamoDB excels with flexible data models and unstructured data.

Question 39

AWS SCT is primarily used for what purpose?

Answer 39

Schema conversion in database migration.

Question 40

What is Elastic Beanstalk

Answer 40

Elastic Beanstalk is a fully managed service provided by Amazon Web Services (AWS) that makes it easier to deploy, run, and scale applications in multiple programming languages. It automates the setup and management of the underlying infrastructure, allowing developers to focus on writing code and deploying applications without worrying about server management. With Elastic Beanstalk, developers can simply upload their application code and Elastic Beanstalk takes care of provisioning and managing the necessary resources, such as compute instances, load balancers, databases, and storage. It supports a wide range of platforms and programming languages, including Java, .NET, Node.js, Python, Ruby, PHP, and more.

Question 41

What is XRAY

Answer 41

AWS X-Ray is a service provided by Amazon Web Services (AWS) that helps developers analyze and debug distributed applications. It provides insights into how an application is performing and where bottlenecks or issues may be occurring, making it easier to troubleshoot and optimize application performance. With X-Ray, developers can trace requests as they flow through their application and identify performance issues in real-time. It provides a visual representation of the application's architecture, showing how different components and services are interconnected. This allows developers to understand the impact of dependencies and identify any performance bottlenecks.

Question 42

Which of the following AWS services can be used to quickly and easily deploy a Java web application, including provisioning the EC2 instances needed to run the application, configuring an Elastic Load Balancer, and even installing Apache Tomcat?

Answer 42

Elastic Beanstalk

Question 43

Which AWS service can send both text and email messages from your applications?

Answer 43

Simple Notification Service (SNS)

Question 44

What service could you recommend to a developer to automate the software release process?

Answer 44

CodePipeline

Question 45

You would like to send marketing information to your customers with details of product launches and discount codes. Which service will allow you to send HTML-formatted emails?

Answer 45

Amazon Simple Email Service (SES)

Question 46

Which service allows you to practice Infrastructure as Code by provisioning your AWS resources via scripted templates?

Answer 46

AWS CloudFormation

Question 47

Which AWS service is used to help you build event-driven applications that respond to state changes triggered by AWS services like EC2?

Answer 47

EventBridge

Question 48

Which of the following is an artifact repository that makes it easy for developers to find approved software packages they need to build their applications?

Answer 48

CodeArtifact

Question 49

Your company has moved to AWS so it can use "Infrastructure as Code." You would like to have the ability to provision AWS infrastructure in a consistent and repeatable way. Which service should you use to achieve this?

Answer 49

CloudFormation

Question 50

Elastic Beanstalk vs CloudFormation

Answer 50

- Elastic Beanstalk is a simple service for deploying and scaling web applications and services. - CloudFormation is AWS's go-to Infrastructure-as-Code solution.

Question 51

Which of the following is the correct description of a loose coupling in relation to an application?

Answer 51

Application components can be connected to each other but are not dependent on each other.

Question 52

Which of the following are true statements about Simple Queue Service (SQS)?

Answer 52

Standard queues do not guarantee that the exact order of messages will be preserved.

Question 53

Which AWS service is used for notifications and messaging?

Answer 53

Simple Notification Service (SNS)

Question 54

Which of the following practices allows multiple developers working on the same application to merge code changes frequently, without impacting each other and enables the identification of bugs early on in the release process?

Answer 54

Continuous Integration

Question 55

Which of the following AWS services provides a browser-based shell with the AWS CLI pre-installed?

Answer 55

AWS CloudShell

Question 56

Which AWS service can be used to automatically install your application code onto EC2, on-premises systems, and Lambda?

Answer 56

CodeDeploy

Question 57

Which service can be used to decouple the components of an application?

Answer 57

SQS - Simple Queue Service - can be used to decouple the components of an application. Decoupling means to eliminate the dependencies between components so that different elements of the application can operate independently. By exchanging messages using SQS, components are not dependent on one another and do not expect an immediate response. Removing dependencies between application components allows different parts of the application to fail without bringing down the whole application.

Question 58

Which of the following AWS services can be used to visualize and orchestrate a serverless application?

Answer 58

Step Functions

Question 59

Which developer tool allows you to write code within your web browser?

Answer 59

AWS Cloud9

Question 60

Which of the following SQS configurations is generally recommended for most use cases and why?

Answer 60

Long polling is recommended for most use cases, because it only returns a response when a message is in the queue or the timeout is reached. This avoids paying for a lot of empty responses.

Question 61

Which of the following are suitable to store in CodeArtifact?

Answer 61

Libraries Deployable packages Documentation relating to your application Compiled applications All of these are suitable

Question 62

Which AWS service can be used to compile source code, run tests, and also package code? CodeBuild or CodePipeline

Answer 62

CodeBuild

Question 63

Which AWS service can be used to centrally store and version control your application source code, binaries, and libraries?

Answer 63

CodeCommit

Question 64

Which AWS service provides an end-to-end view of requests as they travel through a distributed application, and can be used to troubleshoot connectivity and performance issues?

Answer 64

X-Ray

Question 65

What is Snowball - when do you use it

Answer 65

Transfer of data - It is used if you have 10 terabytes or more to migrate.

Question 66

What is Snowball Edge - when do you use it

Answer 66

Transfer of data - It is for when you have 10 terabytes or more, but you need the device to also process the data before it goes to AWS.

Question 67

What is Snowmobile - when do you use it

Answer 67

Transfer of data - It is the shipping container full of discs getting towed by a truck, and this is for massive data sets, 10 petabytes or more.

Question 68

What is Snowcone - when do you use it

Answer 68

Transfer of data - It's so small, you can even fit it in a backpack. It's portable, military grade, holds up to 14 terabytes, and this one is used to migrate data from locations that do not have a proper data center like military bases.

Question 69

AWS Database Migration Service - DMS.

Answer 69

migrate your database and analytics workloads to AWS, and workloads could be on-premises, running on EC2 instances, or in RDS.

Question 70

AWS Schema Conversion Tool, and the Schema Conversion Tool simply converts from one database schema to another.

Answer 70

use the schema conversion tool to migrate and convert the data to another schema like AWS Aurora for MySQL.

Question 71

AWS Transfer Family - what are the types

Answer 71

It is all about file sharing and transfer with external parties. Types: SFTP, AS2, FTPS, and FTP

Question 72

You have 20 PB of data to transfer from your legacy application to AWS storage. Which service is designed to let you migrate data to AWS at petabyte scale?

Answer 72

Snowmobile

Question 73

You have 200 TB of data stored in your data center that needs to be securely copied to S3. Which of the following should you use to efficiently move the data to AWS?

Answer 73

Use AWS Snowball to move the data.

Question 74

Which of the following enables you to transport 100 PB of data to AWS using a shipping container pulled by a truck?

Answer 74

Snowmobile

Question 75

You are planning a large migration of 500 physical servers to AWS. Which service can be used to orchestrate and track progress of the migration?

Answer 75

Migration Hub

Question 76

You need to find a way to allow a third-party application to copy files to an S3 bucket that you own. The application uses SFTP to transfer files. Which AWS service would enable you to configure this?

Answer 76

Transfer Family

Question 77

Your company needs to migrate all applications to AWS; however, you currently have no accurate inventory and nobody has a record of deployed applications, operating system versions, or networking requirements. Which AWS service can be used to help create an inventory so that you can start planning your migration?

Answer 77

Application Discovery Service

Question 78

You have a large Oracle database that you would like to move to AWS. Your CFO has mandated that the company must not commission any more Oracle databases and has requested that you move this database to PostgreSQL. How can you meet this requirement?

Answer 78

Use the Schema Conversion Tool to convert the database to PostgreSQL.

Question 79

Which of the following is a physical data transfer solution that is small, portable, military grade, fits in a backpack, and could be used to transfer 10 TB of data to AWS?

Answer 79

Snowcone

Question 80

You have a large Oracle database running on physical servers located in your data center. Which service can you use to migrate this database to run in AWS?

Answer 80

Database Migration Service

Question 81

Which service is an automated lift-and-shift service, used to migrate applications running on physical servers, virtual servers, other cloud providers, and other AWS accounts or Regions?

Answer 81

Application Migration Service

Question 82

What is AWS DataSync

Answer 82

The data could exist in your data center, in other cloud providers, or even in AWS storage services in other accounts or regions. And you want to transfer the data to AWS services like S3, EFS, or FSX. So object storage and file storage. Well, you can do this using DataSync, and it will also encrypt the data as it transfers it over the network. You only pay per gigabyte of storage that you transfer.

Question 83

What is Application Discovery Service

Answer 83

A discovery tool gathers data about your existing setup, and the data is collected and sent over to AWS over an encrypted connection, and it's stored in AWS Migration Hub.

Question 84

What kind of data does Application Discovery Service get?

Answer 84

Creates a server inventory. It also collects configuration data, including operating system versions. It collects capacity utilization data so that you can rightsize your systems in AWS. And inbound and outbound network connections between servers. And that's going to let you understand the dependencies between the different systems.

Question 85

What is an Application Discovery Service agent?

Answer 85

An agent is installed on your virtual machines and physical servers, and the agent gathers the data and sends it all to the Application Discovery Service.

Question 86

When do we use agentless collector?

Answer 86

When we are migrating from VMware only.

Question 87

What is application migration service?

Answer 87

It helps to migrate your applications to AWS from physical servers, virtual servers running on VMware or Microsoft Hyper-V. It also supports migrating applications from other cloud providers, and you can even use it to migrate EC2 instances between AWS regions or between AWS accounts. Now it automatically converts your source servers from physical, virtual, or cloud infrastructure to run natively on AWS.

Question 88

What is Migration Hub?

Answer 88

It is essentially a central location to gather application and server inventory information. It enables you to assess, plan, and track migrations into AWS. It also allows you to logically group servers together for migration. And overall, it's used as a central place to manage the migration of your applications and data into AWS.

Question 89

VPCs security groups

Answer 89

- They offer security at an instance level - They are more granular (more in detail) - You can set up the allowable protocols, ports, and source + destination IP ranges. - They are stateful, meaning if inbound traffic comes, the return traffic is automatically allowed