Hybrid Environment and Migration

Question 1

What is AWS Directory Service?

Answer 1

Directory Service is an AWS managed implementation of a directory.

Question 2

In AWS Directory Service, can multiple trees can be grouped into a forest?

Answer 2

Yes.

Question 3

What do Directories store?

Answer 3

Directories store objects (e.g. Users, Groups, Computers, Servers, File Shares) with a structure (domain/tree).

Question 4

True/False. Directory Service runs from within a VPC.

Answer 4

True.

Question 5

True/False. Some AWS services such as Amazon Workspaces NEED a directory in order to operate.

Answer 5

True.

Question 6

What options are available with AWS Directory Service?

Answer 6

1. Simple AD - An implementation of Samba 4 (compatible with basic AD functions)
2. AWS Managed Microsoft AD - An actual Microsoft AD DS Implementation
3. AD Connector - proxies requests back to an on-premises directory

Question 7

What is AWS site-to-site VPN?

Answer 7

AWS Site-to-Site VPN is a hardware VPN solution which creates a highly available IPSec VPN between an AWS VPN and an external network such as a traditional on-premises network.

Question 8

What is the difference between Direct Connect and VPN?

Answer 8

VPNs are quicker to setup than Direct Connect and encrypt data in transit, but they don’t offer the same high performance.

Question 9

Can Site-to-Site VPNS provide HA?

Answer 9

AWS Site-to-Site VPN can be fully highly available if designed and implemented correctly.

Question 10

What is the max speed of a VPN?

Answer 10

The AWS “speed limit” for VPNs is 1.25GB per second throughput.

Question 11

What is AWS Transfer Family?

Answer 11

AWS Transfer Family is a secure transfer service that enables us to transfer files into and out of AWS storage services.

Question 12

True/False. AWS Transfer Family does not support transferring data to or from S3 and EFS NFS file systems.

Answer 12

False. AWS Transfer Family SUPPORTS transferring data to or from S3 and EFS NFS file systems.

Question 13

What protocols does AWS Transfer Family support?

Answer 13

1. Secure Shell (SSH) File Transfer Protocol (SFTP)
2. File Transfer Protocol Secure (FTPS)
3. File Transfer Protocol (FTP)
4. Applicability Statement 2 (AS2)

Question 14

How are AWS Transfer Family costs calculated?

Answer 14

The costs associated with AWS Transfer Family are based on provisioned servers per hours and data transferred.

Question 15

What is AWS DataSync?

Answer 15

AWS DataSync is a data transfer service that can transfer large scale data (large amounts of data or high quantity of files) to and from AWS.

Question 16

How does AWS DataSync work?

Answer 16

DataSync keeps metadata (e.g. permissions/timestamps) and also has built in data validation so that you can confirm your data post-transfer matches the original data.

Question 17

Can scheduling be used with AWS DataSync.

Answer 17

Yes. Schedules can be set to ensure the transfer of data occurs during or outside of specific time periods.

Question 18

True/False. AWS DataSync Agents are software used to read on-premises data stores using NFS or SMB.

Answer 18

False. AWS DataSync Agents are software used to read OR WRITE TO on-premises data stores using NFS or SMB.

Question 19

How are AWS DataSync agents deployed?

Answer 19

Agents run on a virtualization platform such as VMWare and communicate with AWS DataSync Endpoints.

Question 20

What is AWS Direct Connect?

Answer 20

AWS Direct Connect links our internal network to an AWS Direct Connect location over a standard Ethernet fiber-optic cable.

One end of the cable is connected to our router, while the other is connected to an AWS Direct Connect router.

Question 21

What speeds can an AWS Direct Connect provide?

Answer 21

This physical connection can be 1, 10, or even 100GB per second (at the time of this writing).

Question 22

Are AWS Direct Connects owned by AWS?

Answer 22

Direct Connect (DX) Locations are not owned by AWS, AWS simply has space and equipment there.

Question 23

AWS Regions typically do not have multiple DX locations, and they are usually located in major data centers in metro areas.

Answer 23

False. AWS Regions typically HAVE multiple DX locations, and they are usually located in major data centers in metro areas.

Question 24

What is IPSec in a VPN?

Answer 24

IPSec is a group of protocols used to set up encrypted connections between devices. You can think of it as setting up secure tunnels across otherwise insecure networks. Ipsec keeps data sent over public networks secure and is often used to set up VPNs. It works by encrypting IP packets along with authenticating the source where the packets come from.

Question 25

What are Snowball, Snowball Edge, and Snow Mobiles?

Answer 25

These are three parts of the same product family designed to allow the physical transfer of data between business locations and AWS.

Question 26

What is AWS Snowball?

Answer 26

Snowball is a 50TB or 80TB device ordered from AWS. It tends to be economical to use this device when we need 10TB-10PB of data transferred. Multiple Snowball devices can be sent to multiple premises. Snowball devices contain only storage, and NOT compute.

Question 27

What is AWS Snowball Edge?

Answer 27

Snowball Edge comes with both storage and compute capacities. Ideal for remove sites or where data processing on ingestion is needed.

Question 28

What is AWS Snow Mobile?

Answer 28

Portable datacenter within a shipping container on a truck. Ideal for a single location when 10PB+ is required. It’s generally not economical for multi-sites, or sub 10PB.

Question 29

What is AWS Storage Gateway?

Answer 29

Storage Gateway is a product which can be used for migrations from on-premises to AWS, extensions of a datacenter into AWS, storage tiering, disaster recovery, and replacement of backup systems.

Question 30

What modes are supported with AWS Storage Gateway?

Answer 30

Storage Gateway can be used in Volume, Tape, and File modes.

Question 31

What two modes can be used by AWS Storage Gateway Volume?

Answer 31

Storage Gateway Volume mode can be run in one of two sub-modes: Volume Stored, Volume Cached.

Question 32

What is Volume Stored mode in AWS Storage Gateway Volume?

Answer 32

All data is stored locally. This mode is great for ‘full disk’ backups of servers. This mode is great for disaster recovery because it can be used to create EBS volumes in AWS using its EBS Snapshots. The weakness of this mode is that it doesn’t improve datacenter capacity.

Question 33

What is Volume Cached mode in AWS Storage Gateway Volume?

Answer 33

All data is stored in AWS Managed part of S3, and then the frequently accessed data is cached locally.

Question 34

What is Storage Gateway in VTL mode?

Answer 34

Storage Gateway in VTL mode allows for replacing a tape-based backup solution with one that uses S3 and Glacier rather than physical tape media.

Question 35

What is Storage Gateway File?

Answer 35

Bridges on-premises file storage and S3 storage via Mount Points available over via NFS or SMB. Files stored into a mount point, are visible as objects in an S3 bucket. File Gateway doesn’t support Object Locking. This means that theoretically, two people could edit/overwrite the same file at the same time and data could be lost.

Question 36

What is AWS Transit Gateway?

Answer 36

The AWS Transit gateway is a networking gateway that can be used to simplify networking between VPCs, VPNs, and Direct Connect.

Question 37

Does Transit Gateway support multiple route tables?

Answer 37

TGWs supports multiple route tables, thus allowing for complex routing architectures.

Question 38

True/False. TGWs supports transitive routing.

Answer 38

True.

Question 39

True/False. TGWs cannot be used to create global networks by connecting multiple TGWs together.

Answer 39

False. TGWs CAN be used to create global networks by connecting multiple TGWs together.