EC2

Question 1

What does EC2 stand for?

Answer 1

Elastic Cloud Compute

Question 2

What is EC2?

Answer 2

A web service that provides resizable compute capacity in the cloud

Question 3

What are the benefits of EC2? (2)

Answer 3

• Reduces the time required to obtain and boot new server instances to minutes
• Scale capacity as your computing requirements change

Question 4

What are the five EC2 pricing models? (5)

Answer 4

• On Demand
• Reserved
• Spot
• Savings Plans
• Dedicated Hosts

Question 5

What are the features of the EC2 On Demand pricing model? (2)

Answer 5

• Pay a fixed rate by the hour (or second) with no commitment
• No up-front payment

Question 6

Which use cases work well under the EC2 On Demand pricing model? (2)

Answer 6

• Applications with short term, spiky or unpredictable workloads that cannot be interrupted
• Applications being developed or tested on Amazon EC2 for the first time

Question 7

What are the features of the EC2 Reserved pricing model? (3)

Answer 7

• Provides a capacity reservation
• Offers a significant discount on the hourly charge for an instance
• Contract terms of 1 or 3 years

Question 8

Which use cases work well under the EC2 Reserved pricing model? (3)

Answer 8

• Applications with steady state or predictable usage
• Applications that require reserved capacity
• Users able to make upfront payments to reduce their total computing costs

Question 9

What are the three types of EC2 Reserved pricing? (3)

Answer 9

• Standard reserved instances
• Convertible reserved instances
• Scheduled reserved instances

Question 10

What are the features of standard reserved instances? (2)

Answer 10

• Offer up to 75% off On-Demand instances

- Standard RIs can only be modified, not exchanged

Question 11

What are the features of convertible reserved instances? (2)

Answer 11

• Offer up to 54% off On-Demand instances

- Convertible RIs can be exchanged for different Convertible RIs of equal or greater value

Question 12

What are the attributes of a Reserved Instance? (4)

Answer 12

• Instance type (CPU, memory, storage, networking capacity)
• Platform description (operating system)
• Tenancy (runs on shared hardware/single-tenant hardware/Dedicated Host)
• Availability zone (optional)

Question 13

What are the features of scheduled reserved instances? (2)

Answer 13

• Available to launch within the time windows you reserve

- Use case: capacity matching to a predictable recurring schedule that only requires a fraction of a day/week/month

Question 14

What are the features of the EC2 Spot pricing model? (2)

Answer 14

• Allows you to request spare EC2 computing capacity for up to 90% off the On-Demand price
• Bid whatever price you want for instance capacity

Question 15

Which use cases are suited to the EC2 Spot pricing model? (3)

Answer 15

• Applications that have flexible start and end times
• Applications that are only feasible at very low compute prices
• Users with urgent computing needs for large amounts of additional capacity

Question 16

What are the features of the EC2 Savings Plans pricing model?

Answer 16

Offers low prices on EC2 usage in exchange for a commitment to a consistent amount of usage ($ per hour) for a 1 or 3 year term

Question 17

How do Reserved Instances provide a capacity reservation?

Answer 17

By assignment to a specific Availability Zone

Question 18

What happens when you terminate an EC2 Spot instance vs when EC2 terminates it? (2)

Answer 18

• If a Spot instance is terminated by EC2, you will not be charged for a partial hour of usage
• If you terminate the instance yourself, you will be charged for any hour in which the instance ran

Question 19

What are the features of the EC2 Dedicated Host pricing model? (3)

Answer 19

• A physical EC2 server is dedicated for your use
• Reduce costs by allowing you to use existing server-bound software licenses
• Can be purchased On-Demand or as a Reservation

Question 20

Which use cases are suited to the EC2 Dedicate Host pricing model? (2)

Answer 20

• Regulatory requirements which do not support multi-tenant virtualisation
• Licensing which does not support multi-tenancy or cloud deployment

Question 21

What are the differences between a Dedicated Host and a Dedicated Instance? (2)

Answer 21

• A Dedicated Host gives you additional visibility and control over how instances are placed on a physical server
• With a Dedicated Host, can consistently deploy your instances to the same physical server over time

Question 22

What is the default status of Termination Protection for an EC2 instance?

Answer 22

Termination Protection is turned off by default

Question 23

By default, what happens to the root EBS volume when an EBS-backed instance is terminated?

Answer 23

On an EBS-backed instance, the default action is for the root EBS volume to be deleted when the instance is terminated

Question 24

What does the root device volume contain?

Answer 24

The image used to boot the instance

Question 25

What is an AMI?

Answer 25

An Amazon Machine Image provides the information required to launch an instance

Question 26

Can root and non-root device volumes be selected for encryption during an instance launch? If not, how can the volume be encrypted after launch (3)

Answer 26

• The root device volume cannot be encrypted during an instance launch
• After launch, a snapshot must be taken, copied, this snapshot encrypted, an encrypted volume created from this & the existing volume then replaced with the encrypted volume
• A non-root device volume can be encrypted during launch or after launch

Question 27

Are security groups stateful or stateless?

Answer 27

Security groups are stateful

Question 28

What does stateful mean?

Answer 28

When you create an inbound rule allowing traffic in, an outbound rule is created automatically which allows the traffic back out again

Question 29

What are the default properties of a security group? (2)

Answer 29

• All inbound traffic is blocked

- All outbound traffic is allowed

Question 30

Can you block a particular port or IP address with security groups?

Answer 30

No, you can’t block a particular port or IP address with security groups

Question 31

How can you block a particular port or IP address?

Answer 31

With Network Access Control Lists

Question 32

What is the maximum number of EC2 instances within a security group?

Answer 32

Unlimited

Question 33

Can an EC2 instance have multiple attached security groups?

Answer 33

Yes

Question 34

What can you specify using a security group? Allow rules, deny rules, or both

Answer 34

You can specify allow rules, but not deny rules using security groups

Question 35

What does EBS stand for>

Answer 35

Elastic Block Store

Question 36

What does Amazon EBS do?

Answer 36

Provides persistent block storage volumes for use with EC2 instances in the AWS cloud

Question 37

How does the design of Amazon EBS protect you from component failure?

Answer 37

Each EBS volume is automatically replicated within its Availability Zone

Question 38

What are the five types of EBS? (5)

Answer 38

• General Purpose SSD
• Provisioned IOPS SSD
• Throughput Optimised HDD
• Cold HDD
• Magnetic

Question 39

Describe the General Purpose SSD EBS volume type and its use cases (2)

Answer 39

• Balances price and performance for a wide variety of transactional workloads
• Most workloads

Question 40

Describe the Provisioned IOPS SSD EBS volume type and its use cases (2)

Answer 40

• Highest-performance SSD volume designed for mission critical applications
• Databases

Question 41

Describe the Throughput Optimised HDD EBS volume type and its use cases (2)

Answer 41

• Low cost HDD volume designed for frequently accessed, throughput-intensive workloads
• Big data, data warehouses

Question 42

Describe the Cold HDD EBS volume type and its use cases (2)

Answer 42

• Lowest cost HDD volume designed for less frequently accessed workloads
• File servers

Question 43

Describe the Magnetic EBS volume type and its use cases (2)

Answer 43

• Previous generation HDD

- Workloads where data is infrequently accessed

Question 44

Can an EC2 instance and its EBS volume reside in different availability zones?

Answer 44

No

Question 45

How do you launch an EC2 instance in a different Availability Zone? (3)

Answer 45

• Take a snapshot of the instance
• Take an image of the snapshot
• Use this image to provision new EC2 instance - change the Availability Zone during the launch process

Question 46

When you terminate an EC2 instance with multiple EBS volumes, what happens after termination? (2)

Answer 46

• By default, the root EBS volume is deleted
• Whereas the additional volumes remain but their status is “available” rather than “in-use” - assuming the default of an unticked “delete on termination” for additional volumes

Question 47

Where do volumes and snapshots exist, respectively? (2)

Answer 47

• Volumes exist on EBS

- Snapshots exist on S3

Question 48

How can Amazon EBS and snapshots be described colloquially? (2)

Answer 48

• EBS is a virtual hard disk in the cloud

- Snapshots are a photograph of the disk

Question 49

How do snapshots relate to volumes?

Answer 49

Snapshots are point in time copies of volumes

Question 50

Describe how elastic block storage (EBS) works (3)

Answer 50

• Snapshots are incremental
• Only the blocks that have changed since your last snapshot are moved to S3
• As a result, the first snapshot may take some time to create

Question 51

Can you change EBS volume sizes on the fly?

Answer 51

Yes, you can change volume size and storage type

Question 52

Can you take a snapshot of EBS volumes that serve as root devices while their associated instance is running? Should you? (2)

Answer 52

• You can take a snapshot while the instance is running

- But you should stop the instance before taking the snapshot

Question 53

What are the properties of AMIs which differentiate different ones? (5)

Answer 53

• Region
• Operating system
• Architecture
• Launch permissions
• Storage for the root device

Question 54

For AMIs, what are the two types of storage for the root device? (2)

Answer 54

• Instance store (ephemeral storage)

- EBS backed volumes

Question 55

Can you reboot AMIs without losing your data?

Answer 55

Yes

Question 56

What are the differences between EBS backed volumes and instance store volumes? (4)

Answer 56

• Root device of an instance launched from an EBS backed volume AMI: an EBS volume created from an EBS snapshot
• Root device of an instance launched from an instance store volume AMI: an instance store volume created from a template stored in Amazon S3
• EBS backed instances can be stopped; you will not the data on the instance if stopped
• Instance store volumes cannot be stopped; if the underlying host fails, you will lose your data

Question 57

Can you share snapshots? If so, are there any limitations on this? (2)

Answer 57

• Yes, snapshots can be shared with other AWS accounts or made public
• You can only share snapshots if they are unencrypted

Question 58

If you take a snapshot of an encrypted volume, is the resulting snapshot encrypted?

Answer 58

Yes

Question 59

If a volume is restored from an encrypted snapshot, is the resulting volume encrypted?

Answer 59

Yes

Question 60

What is CloudWatch?

Answer 60

CloudWatch is a monitoring service to monitor your AWS resources, as well as the applications that you run on AWS

Question 61

Which compute functions can CloudWatch monitor? (4)

Answer 61

• EC2 instances
• Autoscaling groups
• Elastic load balancers
• Route53 health checks

Question 62

Which storage & content delivery functions can CloudWatch monitor? (3)

Answer 62

• EBS volumes
• Storage gateways
• CloudFront

Question 63

What is CloudTrail?

Answer 63

CloudTrail increases visibility into your user and resource activity by recording AWS Management Console actions and API calls

Question 64

What can CloudTrail identify? (3)

Answer 64

• Which users and accounts called AWS
• The source IP address from which the calls were made
• When the calls occurred

Question 65

What is the difference between CloudWatch and CloudTrail?

Answer 65

CloudWatch is performance monitoring, CloudTrail is CCTV (audit)

Question 66

Which host level metrics are available using CloudWatch? (4)

Answer 66

• CPU
• Network
• Disk
• Status check

Question 67

By default, how often does CloudWatch with EC2 monitor events?

Answer 67

5 minutes by default

Question 68

With detailed monitoring, how often can CloudWatch with EC2 monitor events?

Answer 68

Every minute

Question 69

What are the four key features of CloudWatch? (4)

Answer 69

• Dashboards
• Alarms
• Events
• Logs

Question 70

What do you need to enable in order to user the AWS command line interface?

Answer 70

Programmatic access (from IAM in the AWS console)

Question 71

What are the benefits of using IAM roles with EC2? (4)

Answer 71

• More secure than storing your access key and secret access key on individual EC2 instances
• Roles are easier to manage
• Roles can be assigned to an EC2 instance after it’s created, using console or command line
• Roles are universal, you can use them in any region

Question 72

What is Amazon Elastic File System?

Answer 72

Elastic File System (EFS) is a file storage service for Amazon EC2 instances

Question 73

What are the benefits of EFS? (6)

Answer 73

• Simple interface for creating + configuring file systems
• Elastic storage capacity, scalable up to petabytes
• Two EC2 instances can both reside on the same EFS (as opposed to one EBS per EC2)
• You only pay for the storage you use, no pre-provisioning required
• Data is stored across multiple availability zones within a region
• Read After Write consistency

Question 74

What are the three types of EC2 Placement Groups? (3)

Answer 74

• Clustered
• Spread
• Partitioned

Question 75

To what extent must the name of a placement group be unique?

Answer 75

Must be unique within your AWS account only, not globally unique

Question 76

Can you merge placement groups?

Answer 76

No, you can’t merge placement groups

Question 77

Can you move an existing instance into a placement group?

Answer 77

No, you can’t move an existing instance into a placement group

Question 78

What should you do if you’d like an existing instance to be within a placement group?

Answer 78

Create an AMI from the existing instance, then launch a new instance from the AMI into a placement group

Question 79

What is a clustered placement group?

Answer 79

A group of instances within a single Availability Zone

Question 80

For which applications is a clustered placement group suitable?

Answer 80

Applications that need low network latency and high network throughput

Question 81

Is it advisable to place multiple types of EC2 instances into a single clustered placement group?

Answer 81

No, AWS recommends that homogenous instances (same EC2 instance type) are placed within a clustered placement group

Question 82

What is a spread placement group?

Answer 82

A group of instances that are each placed on distinct underlying hardware

Question 83

For which applications is a spread placement group advisable and why?

Answer 83

• Applications that have a small number of critical instances that should be kept separate from each other
• Designed to protect your EC2 instances from hardware failure

Question 84

What “distinct underlying hardware” is each instance placed on in a spread placement group? (3)

Answer 84

• Different racks
• Within either the same or different Availability Zone(s)
• Always within the same region

Question 85

What is a partitioned placement group? (3)

Answer 85

• A group is divided into logical segments called partitions
• Partitions are comprised of 1 or more instance(s)
• No two partitions within a placement group share the same racks

Question 86

What “distinct underlying hardware” is each partition placed on in a partitioned placement group? (3)

Answer 86

• A rack per partition
• Within either the same of different Availability Zone(s)
• Always within the same region