EC2

Question 1

Here are some EC2 configuration options:

OS: Linux, Windows or MAC OS
CPU: compute power and cores
RAM: how much memory
Storage space: Network-attached (EBS & EFS) or hardware (EC2 Instance Store)
Network card: speed of the card, public IP address
Firewall rules: security group
Bootstrap script (configure at first launch): EC2 User Data

Question 2

Using an EC2 User Data script you can ____ the instances, meaning you can launch commands when the machine starts.
The script is run as the root user.

Answer 2

bootstrap

Question 3

The EC2 user data script is only run once when the instance is ____.

Answer 3

first started

Question 4

EC2 user data is used to automate boot tasks such as:

installing updates
installing software
downloading common files from the internet
just about anything else

Question 5

AWS instance naming convention - m5.2xlarge

m: instance class
5: generation
2xlarge: size within the instance class

Question 6

Which EC2 instance type is described below:

• great for a diversity of workloads such as web servers or code repositories.
• balance between compute, memory and networking

Answer 6

general purpose

Question 7

Which EC2 instance type is described below:

• great for compute-intensive tasks that require high performance, such as:
  
  • batch processing workloads
  • media transcoding
  • high performance web servers
  • high performance computing (HRC)
  • scientific modeling and machine learning
  • dedicated gaming servers

Answer 7

compute optimized

Question 8

Which EC2 instance type is described below:

• fast performance for workloads that process large data sets in memory
• use cases:
  
  • high performance, relational/non-relational databases
  • distributed web scale cache stores
  • in-memory databases optimized for BI
  • applications performing real-time processing of big unstructured data

Answer 8

memory optimized

Question 9

Which EC2 instance type is described below:

• great for storage-intensive tasks that require high, sequential read and write access to large data sets on local storage
• use cases:
  
  • high frequency online transaction processing (OLTP) systems
  • relational and NoSQL databases
  • cache for in-memory databases (for example, Redis)
  • data warehousing applications
  • distributed file systems

Answer 9

storage optimized

Question 10

____ are fundamental to network security in AWS.
They control how traffic is allowed into or out of EC2 instances.

Answer 10

Security groups

Question 11

Security groups only contain ____ rules.

Answer 11

allow

Question 12

Security group rules can reference by ____ or by ____.

Answer 12

IP
security group

Question 13

Security groups act as a ____ on EC2 instances.
They regulate:
- access to ports
- authorized IP ranges - IPv4 and IPv6
- control of inbound network
- control of outbound network

Answer 13

firewall

Question 14

Security groups can be attached to ____ instances.

Answer 14

multiple

Question 15

Security groups are locked down to a ____ combination.

Answer 15

region/VPC
If you move to a different Region or VPC, you have to recreate the security group.

Question 16

Security groups live ____ the EC2, so if traffic is blocked the EC2 instance will not see it.

Answer 16

outside

Question 17

Best practice is to maintain a separate security group for ____ access.

Answer 17

SSH

Question 18

If your application is not accessible (time out), then it’s a ____ issue.
If your appication gives a “connection refused” error; then its an ____ issue or its not launched.

Answer 18

security group
application

Question 19

All EC2 inbound traffic is ____ by default.
All EC2 outbound traffic is ____ by default.

Answer 19

blocked
allowed

Question 20

Security groups referencing other security groups example.

Answer 20

Question 21

Identify the port number used for each scenario below:

__ - SSH to log into a Linux instance
__ - FTP to upload files into a file share
__ - SFTP to upload files using SSH
__ - HTTP to access unsecured websites
__ - HTTPS to access secured websites
__ - RDP (Remote Desktop Protocol) to log into a Windows instance

Answer 21

22
21
22
80
443
3389

Question 22

Never enter your personal aws access id/keys (aws configure) into an EC2 instance.
Other users of your AWS account can retrieve those credentials.

Answer 22

Attach an IAM role to the EC2 instance instead.
Then you can run aws commands from the instance.

Question 23

EC2 instance purchase options overview:

On-Demand - short workload, predictable pricing, pay by second
Reserved (1 & 3 years)
- Reserved Instances - long workloads
- Convertible Reserved Instances - long workloads with flexible instances
Savings Plans (1 & 3 years) - commitment to an amount of usage, long workload
Spot Instances - short workloads, cheap, can lose instances (less reliable)
Dedicated Hosts - book an entire physical server, control instance placement
Dedicated Instances - no other customers will share your hardware
Capacity Reservations - reserve capacity in a specific AZ for any duration

Question 24

Which EC2 instance type is described below:

Pay for what you use:
- Linux or Windows - billing per second, after the first minute
- All other operating systems - billing per hour
Has the highest cost but no upfront payment
No long-term commitment

Recommended for short-term and un-interrupted workloads, where you can’t predict how the application will be behave

Answer 24

On-Demand

Question 25

With EC2 Reserved instances, you reserve what specific instance attributes?

Answer 25

instance type, region, tenancy, OS

Question 26

What reservation period durations are offered with EC2 Reserved instances?

Answer 26

1 & 3 year

Question 27

What payment options are offered with EC2 Reserved instances?

Answer 27

No Upfront, Partial Upfront or All Upfront

Question 28

What are the reserved instances' scope offered with EC2 Reserved instances?

Answer 28

Regional or Zonal (reserve capacity in an AZ)

Question 29

What EC2 instance type is recommended for steady-state usage applications, such as databases?

Answer 29

EC2 Reserved Instances

Question 30

You can buy and sell EC2 Reserved instances in a ____.

Answer 30

marketplace

Question 31

With a EC2 ____ instance, you can change the instance type, family, OS, scope and tenancy.

Answer 31

Convertible Reserved

Question 32

Which EC2 instance type is described below: Get a discount based on long-term usage Commit to a certain type of usage ($10/hour for 1 or 3 years)

Answer 32

Savings Plans

Question 33

Usage beyond EC2 Savings Plans is billed at the ____ price.

Answer 33

On-Demand

Question 34

Which EC2 instance type is described below: Locked to a specific instance family and AWS region (e.g., M5 in us-east-1) Flexible across: - instance size (e.g., m5.xlarge, m5.2xlarge) - OS - Tenancy (host, dedicated, default)

Answer 34

Savings Plans

Question 35

EC2 ____ instances are the most cost-efficient instances in AWS with the most aggressive discounts.

Answer 35

Spot

Question 36

With EC2 ____ instances, you can "lose" your instance at any point in time if your max price is less than the current price.

Answer 36

Spot

Question 37

Which EC2 instance type is most suitable for workloads that are resilient to failure such as : - batch jobs - data analysis - image processing - any distributed workloads - workloads with a flexible start and end time

Answer 37

Spot

Question 38

EC2 ____ instances are not suitable for critical jobs.

Answer 38

Spot

Question 39

A EC2 ____ is a physical server with EC2 instance capacity fully dedicated to your use.

Answer 39

Dedicated Hosts

Question 40

Which EC2 purchase option allows you to address compliance requirements and use your existing server-bound software licenses (per-socket, per-core, per-VM software licenses)?

Answer 40

Dedicated Hosts

Question 41

EC2 ____ is the most expensive EC2 purchase option.

Answer 41

EC2 Dedicated Hosts

Question 42

What are the purchasing options for EC2 Dedicated Hosts?

Answer 42

On-demand - pay per second for active Dedicated Hosts Reserved - 1 or 3 years (No Upfront, Partial Upfront, All Upfront)

Question 43

Which EC2 purchase option is best for software that has complicated licensing models (BYOL - Bring Your Own License)?

Answer 43

EC2 Dedicated Hosts

Question 44

Which EC2 purchase option is best for companies that have strong regulatory or compliance needs?

Answer 44

EC2 Dedicated Hosts

Question 45

Which EC2 purchase option is described below: - Instances run on hardware that’s dedicated to you - May share hardware with other instances in same account - No control over instance placement (can move hardware after Stop/Start)

Answer 45

EC2 Dedicated Instances

Question 46

Difference between Dedicated Hosts and Dedicated Instances

Answer 46

Question 47

EC2 ____ allow you to reserve On-Demand instance capacity in a specific AZ for any duration.

Answer 47

Capacity Reservations

Question 48

Which EC2 purchase option is described below: - You always have access to EC2 capacity when you need it - No time commitment, no billing discounts - Combine with Regional Reserved Instances and Savings Plans to benefit from billing discounts.

Answer 48

Capacity Reservations

Question 49

With EC2 ____ instances, you are charged at On-Demand rates whether you run instances or not.

Answer 49

Capacity Reservations

Question 50

Which EC2 purchase option is suitable for short-term, uninterrupted workloads that needs to be in a specific AZ?

Answer 50

Capacity Reservations

Question 51

Which EC2 purchasing option is best? Analogy

Answer 51

Question 52

Starting in Feb 2024, there is a charge for all Public IPv4 addresses created in your account. This is because they are trying to push people to IPv6.

Question 53

EC2 Spot Instances can get a discount up to 90% compared to ____.

Answer 53

On-Demand

Question 54

With EC2 Spot instances, you define a ____ and get the instance with the current spot price < than the max.

Answer 54

max spot price

Question 55

If the current spot price > your max price, you can choose to stop or terminate your instance with a ____ minutes grace period.

Answer 55

2

Question 56

With a ____ strategy, you can block a EC2 Spot instance during a specified time frame (1 to 6 hours) without interruptions. In rare situations, the instance may be reclaimed. No longer offered by AWS.

Answer 56

Spot Block

Question 57

How to terminate Spot Instances?

Answer 57

Question 58

____ allow you to automatically request Spot Instances with the lowest price.

Answer 58

Spot Fleets

Question 59

A Spot Fleet is a set of Spot Instances + (optional) On-Demand Instances

Question 60

Spot Fleet stops launching instances when reaching ____ or ____.

Answer 60

capacity max cost

Question 61

Strategies to allocate Spot instances with Spot Fleet: - lowestPrice: from the pool with the lowest price (cost optimization, short workload) - diversified: distributed across all pools (great for availability, long workloads) - capacityOptimized: pool with the optimal capacity for the number of instances - priceCapacityOptimized (recommended): pools with highest capacity available, then selects the pool with the lowest price (best choice for most workloads)

Question 62

If you need to have a fixed public IP for your instance, you need an ____.

Answer 62

Elastic IP

Question 63

An ____ is a public IPv4 IP that you own as long as you don’t delete it.

Answer 63

Elastic IP

Question 64

You can only have ____ Elastic IPs in your account, but you can ask AWS to increase that number.

Answer 64

5

Question 65

Try to avoid using Elastic IPs, as they often reflect poor architectural decisions. Instead use a random public IP and register a DNS name to it OR Use a Load Balancer and don’t use a public IP

Question 66

By default, your EC2 machine comes with - a private IP for the internal AWS network - a public IP for the www

Question 67

EC2 ____ give you control over the EC2 placement strategy.

Answer 67

Placement Groups

Question 68

When you create a placement group, you specify one of the following strategies for the group: Cluster - will cluster instances into a low-latency group in a single Availability Zone Spread - spreads instances across underlying hardware (max 7 instances per group per AZ). For critical applications. Partition - spreads instances across many different partitions (which rely on different sets of racks) within an AZ. Scales to 100s of EC2 instances per group. (Hadeep, Cassandra, Kafka)

Question 69

EC2 Placement Group - Cluster All EC2 instances are in the same AZ. Pros: - great network ( 10Gbps bandwidth between instances with Enhanced Networking enabled - recommended) Cons: - if the AZ fails, all instances fail at the same time Use Case: - Big data job that needs to complete fast - Application that needs extremely low latency and high network throughout

Question 70

EC2 Placement Group - Spreads Each EC2 instance is located on different hardware. Pros: - can span across multiple Azs - reduced risk of simultaneous failure - EC2 instances are on different hardware Cons: - limited to 7 instances per AZ per placement group Use Cases: - application that needs to maximize high availability - critical applications where each instance must be isolated from failure from each other

Question 71

EC2 Placement Group - Partitions Each partition can have multiple EC2 instances. The partitions can be spread across multiple AZs in the same region. Up to 7 partitions per AZ. The instances in a partition do not share racks with the instances in the other partitions. A partition failure can affect many EC2, but won't affect other partitions. EC2 instances get access to the partition information as metadata. Use Cases: big data such as HDFS, HBase, Cassandra, Kafka

Question 72

After you create your EC2 placement groups, you can then go to launch a new EC2 instance there will be an option to select the group.

Question 73

____ is a logical component in a VPC that represents a virtual network card.

Answer 73

Elastic Network Interfaces

Question 74

An Elastic Network Interface can have the following components: - primary private IPv4, one or more secondary IPv4 - one Elastic IP (IPv4) per private IPv4 - one public IPv4 - one or more security groups - a MAC address

Question 75

You can create an Elastic Network Interface and attach it on the fly (move them) on EC2 instances for failover.

Question 76

Elastic Network Interfaces are bound to a specific ____.

Answer 76

availability zone

Question 77

With EC2 Hibernate, the in-memory (RAM) state is ____.

Answer 77

preserved This is done by writing the RAM state to a file in the root EBS volume.

Question 78

With EC2 Hibernate, the root EBS volume must be ____.

Answer 78

encrypted

Question 79

Use cases for EC2 Hibernate: - long-running processing - saving the RAM state - services that take time to initialize