Governance/Migration Flashcards

1
Q

What is Organizations?

A

allows you to create multiple AWS accounts and control them from a single location rather than having to jump from account to account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is best practice regarding logging over multiple AWS accounts?

A

Have one account aggregate all the logs (Cloudtrail supports this)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Can Organizations create and destroy AWS accounts?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Can reserved instances be shared across accounts?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

If you want consolidated billing, what should you use?

A

Organizations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

If you want to set limits to what certain AWS accounts can do, what should you use?

A

Service Control Policies (SCP) in Organizations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Can SCP’s be applied to the root account?

A

yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is AWS RAM?

A

A free service that allows you to share AWS resources with other accounts and within your organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

If you don’t want to duplicate copies in different accounts but want to share resources, what should you use?

A

AWS RAM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

When should you use AWS RAM vs VPC peering?

A

VPC peering is better for across regions, RAM is better for same region

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is cross-account role access?

A

temporary access to other accounts that is easily controlled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How often should roles be used in order to grant users access to certain resources or accounts?

A

All the time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How should temporary employees get access to resources?

A

Through roles

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is Config?

A

An inventory management and control tool

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

If you need the ability to be alerted whenever a rule is violated, what should you use?

A

Config

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

If you need to enforce standards, what you should you use?

A

Config

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

If you want to track deleted AWS resources, what should you use?

A

Config

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is Directory Service?

A

a fully managed version of active directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is AD Connector?

A

A tunnel between AWS and your on premises AD

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is Simple AD?

A

Standalone directory running in AWS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is Cost Explorer?

A

an easy to use tool that allows you to visualize your cloud costs?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

By what categorization is the common way to get reports from Cost Explorer?

A

resource tags

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

If you need to predict money spent for the upcoming month, what should you use?

A

Cost Explorer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What is AWS Budgets?

A

allows organizations to track ongoing spending and create alerts to let users know when they’re spending close to thier limit.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
What are the 4 types of budgets you can create with Budgets?
Cost, Usage, Reservation, and Saving plans
26
What is AWS Cost and Usage Reports?
CUR is a service that gives a comprehensive cost and usage report
27
How often does AWS update the CUR?
daily
28
Can you use CUR's within Organizations?
Yes
29
Where do CUR's get stored?
S3
30
If you want a detailed or daily usage report, what should you use?
Cost Usage Report
31
What is AWS Compute Optimizer?
A service that analyzes the utilizations of AWS resources and provides reports and graphs to help you decide the best way to optimize resource usage
32
What must you do to get Compute optimizer?
Opt in
33
What are savings plans?
Ways to get deals on AWS compute, similar to RI's
34
What is trusted advisor?
a fully managed best practice auditing tool
35
What are the 5 areas trusted advisor looks over?
Cost optimization, performance, security, fault tolerance, service limits
36
Via what service does trusted advisor let you know things need changing?
SNS
37
How could you automate fixes that trusted advisor tells you you should make?
Eventbridge to trigger lamda functions
38
What is AWS Control Tower?
An easy way to set up and govern an AWS multi-account environment
39
If you want to automate account deployments, what should you use?
Control Tower
40
If you need to set up guardrails against noncompliant actions AWS accounts could do, what should you use?
Control Tower to leverage service control policies
41
If you need to manage software licenses with different vendors, what should you use?
AWS License Manager
42
What is AWS Health?
Gain visibility of resource performance and availability of AWS services or accounts
43
How can automate actions based on AWS Health alerts?
EventBridge
44
If you wanted to automate the rebooting of EC2 instances, what services would you utilize to do so?
AWS Health and EventBridge
45
What is AWS service catalogs?
allows organizations to create and manage catalogs of approved IT services
46
What is AWS Proton?
Creates and managed infrastructure and deployment tooling for users
47
If you want to automate infrastructure as code, what should you use?
AWS Proton
48
What is AWS Well-Architected Tool?
provides a consistent process for measuring cloud architectures and guides for making workloads more reliable, secure, efficient, and cost effective
49
What are the components of a well architected framework?
operational excellence, reliability, security, performance efficiency, cost optimization, sustainability
50
What two services are used for preventive and detective guardrails within AWS Control Tower?
AWS Config, AWS Organizations (for SCPs)
51
If you wanted a way to track AWS architecture and check for best practice violations, what should you use?
AWS Config
52
If you want to consolidate logs across multiple AWS accounts, what service should you use?
Organizations
53
What are three mediums of a migrating to AWS?
Over the internet, direct connect, or physically bundling it and delivering it to AWS
54
What is AWS Snow?
A delivery of harddrives meant for migrating your data to AWS
55
How much can snowcone transfer?
up to 8TB
56
How much can snowball transfer?
up to 81 TB
57
How much can snowmobile transfer?
up to 100 PB
58
Can the snow family bring AWS data to you?
Yes
59
What is the typical turnaround for AWS Snow?
a week
60
What is Storage Gateway?
A hybrid cloud storage service that helps you to merge on-prem resources with the cloud
61
What are typical use cases for Storage Gateway?
a one-time migration or long term pairing of your on prem architecture with AWS
62
if you want to back up on your on prem data to S3, what should you use?
file gateway
63
If you want to back up the drives of your on-prem machines to AWS, what should you use?
Volume Gateway
64
What is DataSync?
allows you to easily move data from on prem NFS and SMB shared to AWS storage solutions
65
What endpoints are there for DataSync?
S3, EFS, and FSx
66
What is the AWS Transfer Family?
allows you to easily move files in and out of S3 or EFS using SFTP, FTPS, or FTP
66
What is the AWS Transfer Family?
allows you to easily move files in and out of S3 or EFS using SFTP, FTPS, or FTP
67
If you need to bring legacy application storage to the cloud, what should you use?
AWS Transfer Family
68
What is AWS Migration Hub
A single place to track the progress of your application migration to AWS
69
What is AWS Application Discovery Service?
AN easy to way to migrate VM's to the AWS
70
What does AWS MGN offer?
Application migration service allows an automated lift and shift of migrating infrastructure to AWS
71
How is RTO measured?
seconds
72
How is RPO measured?
sub-seconds
73
What is AWS Database Migrations Service?
AWS DMS
74
What is AWS Database Migrations Service?
AWS DMS allows for easy migration of relational databases, data warehouses, noSQL databases, and other data stores to AWS
75
Can AWS DMS migrate data within AWS to another AWS service?
No, only into and out of AWS
76
Can you do one time migrations or ongoing migrations with AWS DMS?
both
77
What is AWS SCT?
AWS Schema Conversion Tool can convert database schemas from one engine to another
78
What is AWS SCT?
AWS Schema Conversion Tool can convert database schemas from one engine to another
79
What is a full load migration?
all existing data is moved from source to target in parallel
80
What is a full load and change data capture migration
full load migration plus it loads any changes occurred during the migration
81
What is change data capture migration?
Only migrate the changes made in the database
82
What type of migration is the only one to guarantee transactional integrity?
CDC migration
83
What service would you use to migrate a database from on-premises to RDS?
Database migration service
84
What would be the best service to utilize to migrate 80T of data into S3 if you have limited bandwidth at your data center?
Snowball
85
What service would you use for a one time migration of data into AWS if costs are a factor?
AWS DataSync