EC2 Flashcards Preview

2019 - AWS CSAA - MINE > EC2 > Flashcards

Flashcards in EC2 Deck (37):
1

What are the types of EC2 instances?

On-Demand - fixed fee, no commitment
Reserved - with contract
Spot - Bid
Dedicated hosts - physically dedicated system

2

How are you charged for a partial hour if the prices changes on a spot instance?

You will not be charged

3

How are you charged for a partial hour if you terminate a spot instance?

You will be charged

4

What are the instance types

F
I
G
H
T
D
R
M
C
P
X
Z
A
U

5

You delete an EBS instance. What is the default protection behavior?

None, it is deleted unless termination protection was turned on

6

You delete an EC2 instance, Will addition EBS volumes other than root be retained?

Yes

7

Can default AMI root volumes be encrypted?

No.

8

How can you encrypt a root volume?

Use a 3rd party tool or it can be done when creating the AMI

9

Can EBS volumes be encrypted?

Yes, but not the root when using a default AMI

10

Security group fundamentals?

All inbound is blocked by default
All outbound is allowed
Changes take effect immediately
Unlimited number of EC2 instances can use the same Sec Group
Are stateful


11

What does stateful mean?

When a port is opened it is open for both inbound and outbound

12

How can you block IP addresses? Sec groups or NACL's?

NACLS

13

What are the EBS Types?

GP (SSD)
PIOPS (SSD) = DB-s
TO (HDD) =Big data
Cold (HDD) = File servers
EBS Mag - Infrequently accessed

14

You take an EBS snapshot, where is it stored?

S3

15

T or F Snapshots are Full

False

16

How do you ensure an EBS snapshot is quiesced?

Stop the instance

17

Can you take an EBS snap while the instance is running?

Yes

18

Can you create AMI's from volumes and snapshots?

Yes

19

You want to change the EBS volume size and and type. When can you do this?

You can do this on the fly

20

How do you move a EC2 volume to another AZ?

Take a snapshot, create an AMI then launch in the new AZ

21

How do you move a EC2 volume to another region?

Take a snapshot, create an AMI then move to the new region

22

Are snapshot of encrypted volumes encrypted?

Yes

23

Are encrypted volumes that are restored encrypted?

Yes

24

Can you share encrypted volumes?

No

25

Can you share snapshots?

Yes, if they are unencrypted

26

What are the characteristics of Instance Store

Cannot be stopped. If host is stopped or fails data is lost
You can reboot

27

When an instance is deleted, what will happen to an instance volume and EBS?

Both will be deleted, but you can protect the EBS volume

28

How do you encrypt the root volume?

Create a snapshot
Create a copy of the snapshot
Create an AMI from the encrypted snapshot
Use that AMI to launch a new encrypted instance

29

What is the default cloudwatch monitoring interval?

5 min, but can be change to 1 min by turning on detailed monitoring

30

What is the difference between cloudwatch and cloudtrail?

Cloud watch is used to gauge performance, cloud trail is used for auditing

31

Features of cloud watch

Dashboards
Alarms
Events
Logs

32

What can be used to automate a new instance build

Boot strap script

33

What is the URL to get instance information?

http://169.254.169.254/latest/meta-data/
http://169.254.169.254/latest/user-data/

34

What is the EFS format>

NFS V4
Pay for use
scalable to PB
Supports thousands of concurrent NFS connections
Data is stored across multiple AZs within a region
read after write consistency

35

Benefits of roles?

more secure
easy to manage
Can be assigned after instance creation
Can be used in any region

36

What is the best way to secure, centrally, hundreds of EC2 instances rather than using access key and secret access key

Roles

37

Which of the following statements are true about containers on AWS? (Choose 5)

You can have AWS manage Kubernetes for you.
You can install and manage Kubernetes on AWS, yourself.
ECR can be used to store Docker images.
ECS allows you to control the scheduling and placement of your containers and tasks.
To be able to use ECS, you must use the ECS Agent.