{ "@context": "https://schema.org", "@type": "Organization", "name": "Brainscape", "url": "https://www.brainscape.com/", "logo": "https://www.brainscape.com/pks/images/cms/public-views/shared/Brainscape-logo-c4e172b280b4616f7fda.svg", "sameAs": [ "https://www.facebook.com/Brainscape", "https://x.com/brainscape", "https://www.linkedin.com/company/brainscape", "https://www.instagram.com/brainscape/", "https://www.tiktok.com/@brainscapeu", "https://www.pinterest.com/brainscape/", "https://www.youtube.com/@BrainscapeNY" ], "contactPoint": { "@type": "ContactPoint", "telephone": "(929) 334-4005", "contactType": "customer service", "availableLanguage": ["English"] }, "founder": { "@type": "Person", "name": "Andrew Cohen" }, "description": "Brainscape’s spaced repetition system is proven to DOUBLE learning results! Find, make, and study flashcards online or in our mobile app. Serious learners only.", "address": { "@type": "PostalAddress", "streetAddress": "159 W 25th St, Ste 517", "addressLocality": "New York", "addressRegion": "NY", "postalCode": "10001", "addressCountry": "USA" } }

Everything Flashcards

(140 cards)

1
Q

Region

A

A cluster of data centers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Availability Zones

A

Each region has many AZs. Each AZ has one or more discrete data centers with redundant power, networking, and connectivity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

3 Options to access AWS:

A

1) AWS Console - protected by password and MFA
2) (CLI) Command Line Interface - protected by access keys
3) (SDK) Software Developer Kit - for CODE, protected by access keys

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

AWS Cloudshell

A

(Account- Level)
Way to access AWS. An alternative to installing CLI is Cloudshell.

Quicker & easier.

Allows you to run AWS commands from the browser

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

IAM Credentials Report

A

audit permissions of your account

report lists users and status of credentials

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

IAM Access Advisor

A

(User-Level)
Shows the service permissions granted to a user and when those services were last accessed (can use this info to revise policies)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Is EC2 PaaS, Iaas, or Saas?

A

IaaS - Infrastructure as a service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

EC2

A

Renting virtual machines (BRAIN)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

EBS Volumes

A

“Elastic Block Storage”

Storing data on virtual network drives
(STORAGE for EC2)

Network drive you can attach to your instances while they run & allows you instance to persist data

  • One instance at a time (2 EBS can be on 1 instance)(they can also standalone/not attached at all)
  • One AZ
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

ELB

A

Distributing loads across machines

(Scalability) Horizontal

ELBs are servers that forward internet traffic to multiple servers (EC2 instances) downstream

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

ASG

A

Scaling the services using auto-scaling groups

Horizontal scalability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

EC2 Reserved Instances

A

*Like a “soft” version of a dedicated host

75% discount compared to on-demand

reserve a specific instance type

recommended for steady-state usage applications (like databases)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

EC2 Dedicated Hosts

A

a PYSICAL server with EC2 instance capacity dedicated to your use

  • helps address compliance requirements
  • (BYOL) Bring your own license
  • more expensive $
  • 3 years
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Security Groups

A

firewall attached to the EC2 instance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Snapshot

A

To move an EBS volume from one AZ to another, you first have to snapshot it

It’s for a backup anytime you want

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

JSON Documents

A

IAM - can be assigned to users and groups allowing users to use certain services in AWS

*policies define the permissions to users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

AMI

A

“Amazon Machine Image”

A CUSTOMIZATION of an EC2 instance - create ready to use EC2 instances with our customizations

built region specific (1 region)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

EC2 Image Builder

A

used to automate the creation of Virtual Machines or container images

Automatically build, test, and distribute AMIs in multiple regions

Free service

Allows to be truly global

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

EFS

A

“Elastic File System”

NETWORK/Shared file system

Storage that can be mounted to HUNDREDS of instances at a time

Multiple AZs

Highly scalable. No capacity planning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

EC2 Instance Store

A

Storage for EC2

High performance hardware disk attached to our EC2 instance

lost if the EC2 instance is stopped/terminated

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Vertical Scalability

A

increase the size of the instance

ex: change from t2.micro –> t2.large

Usually a limit on how much you can vertically scale b/c of HARDWARE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Horizontal Scalability

A

increase the NUMBER of instance for an application (rather than size)

ex: auto-scaling group (ASG) & load balancer (ELB)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

High Availability

A

Multi-AZs

Goal to survive a data center loss (Disaster)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Scalability

A

ability to accommodate a larger load by making the HARDWARE stronger (scale up) or by adding nodes (scale out)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Elasticity
Cloud-friendly, match demand, optimize costs means that there will be some auto-scaling based on load
26
Agility
DISTRACTOR - not related to scalability or elasticity means new IT resources are only a click away in the cloud
27
Is Elastic Load Balancer (ELB) managed or not managed?
MANAGED by AWS
28
Auto-Scaling Groups
in the cloud you can create and get rid of servers quickly -- as load on your websites and applications change
29
S3
STORAGE infinite scaling!
30
Buckets
S3 allows people to store "objects" (files) in buckets (directories) must have globally unique name defined at the region level buckets are created in a region
31
How to encrypt in S3?
Encrypt objects in Amazon S3 using encryption keys
32
S3 Websites
S3 can host STATIC websites and have them accessible on the www.
33
Why is it best to use S3 Versioning?
- protects against unintended deletes (ability to respond to a version) - easy to roll back to previous version - suspending versions does NOT delete the previous versions
34
S3 Access Logs
* for audit purposes - log all access to S3 buckets - any request make to S3 from any account (authorized or denied) - helpful to figure out the root cause of an issues, audit usage, view suspicious patterns
35
CRR
S3 Replication Cross-region replication Use Cases = compliance, lowering latency access, replication accounts accounts
36
SSR
S3 Replication Same-region replication Use Cases = log aggregation, live replication between production and test accounts
37
S3 Storage Classes: S3 Standard - General Purposes
99.999% availability used for frequently access data low latency sustains 2 concurrent facility failures Use Case = big data analytics, mobile and gaming apps, content distribution
38
S3 Storage Classes: S3 Standard - Infrequent Access (IA)
for data less frequently accessed, but requires rapid access when needed lower 99.9% availability lower cost compared to standard retrieval fee sustains 2 concurrent facility failures Use Case = disaster recovery, backup
39
S3 Storage Classes: S3 Intelligent-Tiering
99.9% availability Cost-Optimized - by automatically moving objects between two access tiers based on changing access patterns: frequent & infrequent Resilient against events that impact entire AZs
40
S3 Storage Classes: S3 One Zone - Infrequent Access (IA)
Same as reg infrequent access, but data stores in a single AZ 99.5% availability lower cost than S3-IA (by 20%) Use Case = storing secondary backup data copies of on-prem data
41
Amazon Glacier
low cost object storage meant for archiving & backup data retained for years various retrieval options of time & fees
42
Glacier Deep Archive
cheapest! standard: 12 hours bulk: 48 hours
43
S3 Lifecycle Rules
transition objects between classes
44
S3 Glacier Vault Lock/ S3 Object Lock
WORM - write once read many
45
Snow family
physical device to import data or edge computing
46
OpsHub
Software to manager Snow family devices
47
Storage Gateway
Hybrid solution to extend/bridge on-prem storage to S3
48
Relational Databases
looks like excel spreadsheets "sequal" | perform queries/lookups
49
NoSQLDatabases
``` not sequal not relational FLEXIBLE Scalable High performance ``` ex: JSON is a common form of data in NoSQL
50
If a Database is AWS managed, what is AWS responsibility?
patching automatic backup, restore, upgrades monitoring alerts
51
Elasticache
In memory database helps reduce load of databases for read intensive workloads faster than main RDS database for read/write
52
DynamoDB
Serverless database *Key/value database* NoSQL - not relational scales MASSIVE workloads, low latency
53
DAX
Dynamo DB accelerator use instead of Elasticash for DynamoDB only
54
Redshift
Database OLAP (Online Analytical Processing) Analytics & data warehousing (ex: Tableau integrated with it)
55
EMR
Database Elastic Map Reduce HADOOP CLUSTERS (for big data)
56
Athena
Serverless database SQL used to query data in S3
57
Quicksight
Serverless machine learning to create INTERACTIVE DASHBOARDS on your data
58
Document DB
NoSQL Database for MONGO DB fully managed
59
Amazon Neptune
managed GRAPH database | a social network
60
QLDB
database Financial Transations Ledger $$ CENTRALIZED immunable crytopgraphic
61
Managed Blockchain
database Hyperledger DECENTRALIZED
62
Glue
Managed database | ELT (Extract, Transform, Load) for analytics
63
DMS
Database Migration Service
64
Docker
(other compute) | container technology to run APPLICATIONS
65
ECS
(other compute) | run docker containers on EC2 instances
66
Fargate
(other compute) SERVERLESS - Run docker containers without provisioning the infrastructure no EC2 instance needed
67
ECR
(other compute) "Elastic Container Registry" Private docker image repository
68
Lightsail
(compute) | Simple for those with little cloud experience; simple, low pricing
69
Lambda
Compute SERVERLESS FaaS (Function as a service) Event-driven: Bills by runtime and requests/incidents (per call/per duration) Use Case = create thumbnails of images onto S3 run; run a serverless job
70
CloudFormation
{Deployment} AWS only Infrastructure as CODE works w/almost any AWS resource repeat code across regions and accounts
71
Beanstalk
{Deployment} AWS only Platform as a Service (PaaS)
72
CodeDeploy
HYBRID deploy & upgrade any application onto servers
73
Systems Manager
HYBRID | patch, config, and run commands *at scale*
74
Ops Works
HYBRID | *Chef & Puppet*
75
Route 53
{Leveraging Global Infrastructure} Managed DNS - Domain Name System Great to route users to the closest deployment with least latency
76
CDN (Global Content Delivery Network)
{Leveraging Global Infrastructure} Replicate part of your cloud app to edge locations Decrease latency Cache common requests
77
S3 Transfer Acceleration
{Leveraging Global Infrastructure} Accelerate global uploads & downloads into S3
78
AWS Global Accelerator
{Leveraging Global Infrastructure} Improve global application availability & performance using the AWS global network
79
AWS Outposts
{Leveraging Global Infrastructure} Deploy outposts racks in your own data center on-prem to extend AWS services
80
SQS (Simple Queue Service)
{Cloud Integrations} to DECOUPLE applications in AWS QUEUE service
81
SNS (Simple Notification Service)
{Cloud Integrations} - 2nd way to decouple (from SQS) - What if you want to send one message to many receivers? - *Event subscribers & event notifications* Email, SMS, or mobile notifications
82
Kinesis
{Cloud Integrations} Real-time data streaming & analysis
83
Amazon MQ
{Cloud Integrations} Managed Apache MQ in the cloud *think apache MQ - like MJ/ Nick apache helicopters
84
Cloud Watch
{Cloud Monitoring} * Metrics - monitor performance & billing * Alarms - automate notification, perform EC2 action, notify to SNS * Logs - collect log filed from EC2 instances, servers, Lambda functions * Events (Eventbridge)- react to events in AWS or trigger rule on schedule
85
CloudTrail
{Cloud Monitoring} to AUDIT API calls made within AWS account
86
CloudTrail Insights
{Cloud Monitoring} | Automated analysis of Cloudtrail events unusual activity
87
X-Ray
{Cloud Monitoring} trace requests made through your distributed applications
88
Service Health Dashboard
{Cloud Monitoring} status of all SERVICES across all regions
89
Personal Health Dashboard
{Cloud Monitoring} AWS events that impact YOU (remediation)
90
Shield
{Security & Compliance} automatic DDoS protection (24/7 for advanced shield)
91
WAF
{Security & Compliance} Web Application FIREWALL
92
KMS
{Security & Compliance} Key Management Service Encryption keys managed by AWS
93
Cloud HSM
{Security & Compliance} Hardware encryption, AWS provisions hardware, but customer manages it (encryption keys)
94
Artifact
{Security & Compliance} Get access to compliance reports
95
GaurdDuty
{Security & Compliance} find malicious behavior w/VPC, DNS, & CloudTrail logs
96
Inspector
{Security & Compliance} for EC2 only - install agent and find vulnerabilities
97
Config
{Security & Compliance} track configuration changes and compliance against rules
98
Macie
{Security & Compliance} SENSITIVE DATA (Personal) in S3 bucket
99
CloudTrail
{Security & Compliance} Track API calls by users in account automate security across accounts
100
AWS Security Hub
{Security & Compliance} gather security findings from many sources IN ONE PLACE
101
Detective
{Security & Compliance} Find root cause of security/suspicious activities
102
AWS Abuse
REPORT IT
103
What are the Root User only privileges?
Root User: - Access owner - access to ALL services - Don't use for everyday tasks Only Root User Can: * ** change account setting * view tax statements * ** close AWS accounts * restore IAM permissions * ** change AWS support plan * ** register as a seller in reserved marketplace * sign up for GovCloud * enable MFA * edit/delete S3 bucket policy
104
Rekognition
{Machine Learning} FACE DETECTION
105
Transcribe
{Machine Learning} Audio to text (ex: subtitles)
106
Polly
{Machine Learning} Text to Audio
107
Translate
{Machine Learning} Translations
108
Lex
{Machine Learning} Chatbots (Conversational/ intention) Powers Alexa
109
Connect
{Machine Learning} Cloud Contact Center used in conjunction with Lex
110
Comprehend
{Machine Learning} Natural language processing
111
SageMaker
{Machine Learning} for developer/data scientist build, train, & deploy ML
112
TCO Calculator
{Billing & Costs} Used to estimate costs for migrations from on-prem
113
AWS Pricing Calculator
{Billing & Costs} used to estimate cost of architecture / solution
114
Billing Dashboard
{Billing & Costs} High level costs for the month
115
Cost Allocation Tags
{Billing & Costs} Detailed logs/categories
116
Cost & Usage Reports
{Billing & Costs} Most Comprehensive!!
117
Cost Explorer
{Billing & Costs} Used to FORCAST Visual/detailed
118
{Account Best Practices} To operate multiple accounts, use ____
Organizations
119
{Account Best Practices} Use ___ to restrict account power
SCP (Service Control Policies)
120
{Account Best Practices} Easily set up multiple accounts with best practices with the ____
AWS Control Tower
121
{Account Best Practices} Use _____ for easy management and billing.
Tags & Cost Allocation tags
122
{Account Best Practices} What are the IAM guidelines?
* MFA * Least privilege * password policy * password rotation
123
If your account is compromised you should ...
Change the root password. Delete & rotate all passwords/keys Contact AWS Support
124
IAM
Identity & access management inside your AWS account for users that you trust & belong to your company
125
Organizations
manage multiple AWS accounts
126
Cognito
to create a database of users for your mobile and web applications ex: Facebook users
127
Directory Services
to integrate Microsoft Active Directory in AWS
128
Single SignOn (SSO)
provides one login for multiple AWS accounts & applications
129
Workspaces
{Other Random Services to know} DESKTOP as a Service (DaaS) to provision Windows or Linex desktops for it someone wants a desktop in the cloud *Virtual Desktop Infrastructure (VDI)
130
AppStream 2.0
{Other Random Services to know} Desktop application service app delivered from a browser no need to connect to VDI works with any device!
131
Sumerian
{Other Random Services to know} create and run virtual reality (VR) and augmented reality (AR) 3D MODELS! (animate them to look alive) ex: bird example in course
132
AWS IoT Core
{Other Random Services to know} "Internet of Things" The network on internet connected devices that are able to connect to the cloud serverless Ex: Cars, light, Boat, etc.
133
Elastic Transcoder
{Other Random Services to know} used to convert media filed stores in S3 into media files compatible with playback devices (Phones, tablets)
134
What are the Well Architected Framework, General Guiding Principles?
1. stop guessing capacity needs 2. test system at production scale 3. automate to make experimentation easier 4. allow for evolutionary architectures 5. drive using data 6. improve through gam days (simulate)
135
What are the Best Practices - Design Principles?
1. Scalability - vertical & horizontal 2. Disposable Resources - servers should be disposable and easily configured 3. Automation - serverless, auto-scaling 4. Lose Coupling - smaller, loosely coupled components (no cascading failure) 5. Think "Services" not Servers
136
``` #1 Pilar Operational Excellence ```
``` operation as code annotate documentation make frequent, small, reversible changes refine operational procedures frequently anticipate failure learn from failure ```
137
``` #2 Pilar Security ```
Protect through risk assessment and migration strategies ``` strong identity foundation enable traceability apply security to all layers automate security protect data in transit and at rest keep people away from data prepare for security events ```
138
``` #3 Pilar Reliability ```
agility to recover from disruptions ``` test recovery principles automate recovery auto-scaling (stop guessing capacity) scale horizontally manage in automation (use automation to make changes to infrastructure) ```
139
``` #4 Pilar Performance Efficiency ```
adapting & providing the best performance ``` advanced technologies server less global in mins experiment more often mechanical sympathy - be aware of all services that exist ```
140
``` #5 Pilar Cost Optimization ```
Business value at lowest cost point pay only for what you use measure efficiency: CloudWatch stop spending $ on data center operations use tags for billing use manages services (reduce cost of ownership)