EC2

Question 1

How are EC2 subnets arranged within a region?

Answer 1

Each subnet will default into a single availability zone - subnets do not cross availability zones

Question 2

By default what will happen to the EBS volume attached to an EC2 instance when the instance is terminated?

Answer 2

By default the EBS instance will be deleted

Question 3

Can EBS root volumes be encrypted?

Answer 3

EBS root volumes of your Default Amazon AMI’s CAN NOT be encrypted. You can use 3rd party tools (such as bitlocker) to encrypt the root volume, or you can do this when creating AMI’s.

Question 4

What ports are blocked/allowed by default in AWS security groups?

Answer 4

By default all inbound traffic is blocked, all outbound traffic is allowed

Question 5

How long do changes to security groups take to propagate?

Answer 5

Changes to security groups take effect immmediately

Question 6

What is the difference between AWS security groups and network ACLs?

Answer 6

AWS security groups are stateful (if you create a rule to allow traffic in it is automatically allowed back out again) while ACLs are stateless (you MUST create separate rules to allow traffic in and out)

Question 7

Can security groups be used to block traffic from specific IP addresses?

Answer 7

No, to do this you must use ACLs.

Question 8

Can security groups be used to deny traffic?

Answer 8

No, all traffic is denied by default. Security groups are used to allow traffic but cannot deny traffic.

Question 9

Can an EBS volume be in a different availability zone from the EC2 instance it is mounted on?

Answer 9

No, they must be in the same availability zone.

Question 10

What EBS volume types can be modified on the fly without shutting down the EC2 instance?

Answer 10

All types except for Magnetic Storage (Standard) - General Purpose SSD (GP2), Throughput Optomized HDD (ST1), Cold HDD (SC1), Provisioned IOPS SSD (IO1)

Question 11

How can an EBS volume be moved from one availability zone to another?

Answer 11

You can take a snapshot of an existing EBS volume, then create a new volume from that snapshot in a new availability zone.

Question 12

How can you move an EC2 instance to a different region?

Answer 12

You must create a snapshot of the instance first, then you can copy that snapshot to a new region.

Question 13

What RAID configuration should you not use with AWS?

Answer 13

Amazon recommends not ever using RAID 5 on EBS

Question 14

In EBS why would you use RAID arrays?

Answer 14

RAID arrays would be used on EBS to increase disk I/O performance. This would commonly be used with RAID 0 or RAID 10

Question 15

What are the 3 common ways to take an application consistent snapshot of a RAID array?

Answer 15

• Freeze the filesystem
• Unmount the RAID array
• Shut down the associated EC2 instance

Question 16

What step should you take to an EC2 instance before you take a snapshot?

Answer 16

The instance should be shut down

Question 17

What can you select an AMI based on?

Answer 17

• Region
• Operating System
• Architecture
• Launch Permissions
• Storage for the root device

Question 18

What is the difference in actions available between an EBS backed instance and an instance stored (ephemeral storage) EC2 instance?

Answer 18

• Instance store EC2 instances cannot be stopped, only restarted or terminated. If the underlying host fails you will lose your data
• Instance stored volumes cannot be detached and added to a different EC2 instance, EBS volumes can be

Question 19

What is the difference between an EBS backed AMI and an instance store backed AMI?

Answer 19

• EBS backed AMIs have a root device that is an Amazon EBS volume created from an Amazon EBS snapshot
• Instance store AMIs have a root device that is instance store volume created from a template stored in Amazon S3

Question 20

How often are EC2 instances checked when using basic monitoring?

Answer 20

Basic monitoring checks every 5 minutes. Detailed monitoring checks every 1 minute.

Question 21

What Cloudwatch metrics are available by default for EC2 instances?

Answer 21

The default metrics are CPU, Disk, Network, and status checks

Question 22

What URL can be used to gather metadata for an EC2 instance?

Answer 22

http://169.254.169.254/latest/meta-data/ - this site can be accessed using curl from the command line of an AWS EC2 instance

Question 23

What is a placement group?

Answer 23

A placement group is a logical grouping of instances within a single availability zone. Using placement groups enables applications to participate in a low-latency, 10 Gbps network.

Question 24

Can a placement group span multiple availability zones?

Answer 24

No, it exists within a single availability zone and represents a single point of failure.

Question 25

What is EFS?

Answer 25

EFS (Elastic File System) is a file storage service for Amazon Elastic Cloud Compute (EC2) Instances. With Amazon EFS storage capacity is elastic, growing and shrinking as you add and remove files. (file share)

Question 26

What is lambda?

Answer 26

AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume - there is no charge when your code is not running. With Lambda, you can run code for virtually any type of application or backend service - all with zero administration. Just upload your code and Lambda takes care of everything required to run and scale your code with high availability. You can set up your code to automatically trigger from other AWS services or call it directly from any web or mobile app.

Question 27

What events can trigger an AWS Lambda function?

Answer 27

``` Amazon S3 Amazon DynamoDB Amazon Kinesis Data Streams Amazon Simple Notification Service Amazon Simple Email Service Amazon Cognito AWS CloudFormation Amazon CloudWatch Logs Amazon CloudWatch Events AWS CodeCommit Scheduled Events (powered by Amazon CloudWatch Events) AWS Config Amazon Alexa Amazon Lex Amazon API Gateway AWS IoT Button Amazon CloudFront Amazon Kinesis Data Firehose On Demand (a Lambda function can be initiated by a user on demand) ```

Question 28

How does Lambda scale?

Answer 28

Lambda scales out automatically - for example, if you have a Lambda function triggered by an HTTP request and 3 users submit requests this will result in a unique instance of your Lambda function being created to respond to each request.

Question 29

What languages are supported in Lambda functions?

Answer 29

C#, Node.js, Java, Python

Question 30

How is Lambda billed?

Answer 30

Lambda is billed in 2 ways: Number of requests (the first 1 million requests each month are free, after that you are billed $0.20 per million requests) Duration (the first 400,000 GB-seconds per month, up to 3.2M seconds of compute time, are free. you are charged $0.00001667 FOR EVERY GB-SECOND USED THEREAFTER. duration is calculated from when your code begins executing until it returns or otherwise terminates)

Question 31

Can you delete a snapshot of an EBS Volume that is used as the root device of a registered AMI?

Answer 31

You must deregister the AMI before being able to delete the root device. http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-snapshot.html

Question 32

What types of virtualization are available with EC2?

Answer 32

Para-Virtual (PV) and Hardware Virtual Machine (HVM)

Question 33

Which of the following is not a valid configuration type for AWS Storage gateway - Gateway-accessed Volumes, Gateway-Cached Volumes, Gateway-Stored Volumes, Gateway-Virtual Tape Library

Answer 33

Gateway-Accessed Volumes

Question 34

When a spot instance is terminated who pays for the hour during which it is terminated?

Answer 34

If AWS terminated the instance you get the hour for free, but if you terminate it you pay for the whole hour

Question 35

What are the EC2 pricing models?

Answer 35

On Demand - pay by the second or by the hour Spot - you set a bid price and if the spot price equals your bid price your instances are provisioned, if the spot price goes over your bid price your instances are terminated Reserved - reserved EC2 capacity in contracts running 12 months to 36 months Dedicated Hosts - hardware dedicated to your EC2 instances

Question 36

What are the two types of placement groups?

Answer 36

Clustered - A grouping of instances within a single availability zone. Recommended for applications that need low network latency, high network throughput, or both. NOTE: If the exam doesn't call out the specific type of placement group it is referring to assume it is a clustered placement group. Spread - A group of instances placed on distinct underlying hardware. Recommended for applications with a small number of critical instances that should be kept separate.

Question 37

How can you add an EC2 instance to an existing placement group?

Answer 37

Placement groups can't be merged and an existing EC2 instance can't be added to a placement group. All instances in a placement group MUST be launched into that group at creation. If you need to move an existing instance into an existing placement group you can create an AMI from that instance and then launch a new instance into your placement group.