Integration, Messaging, & Access

Question 1

What are the two main patterns for application communication?

Answer 1

Synchronous and Asynchronous/Event-based.

Question 2

What AWS service is used for asynchronous queue-based communication?

Answer 2

Amazon SQS.

Question 3

What AWS service is used for pub/sub messaging?

Answer 3

Amazon SNS.

Question 4

What AWS service is used for real-time data streaming?

Answer 4

Amazon Kinesis.

Question 5

What is the default message retention period in SQS?

Answer 5

4 days (can be increased up to 14 days).

Question 6

What is the max message size in SQS?

Answer 6

256 KB (larger messages require SQS Extended Client).

Question 7

What is a Dead Letter Queue (DLQ) in SQS?

Answer 7

A secondary queue for messages that can’t be processed after multiple attempts.

Question 8

What is SQS Long Polling?

Answer 8

A method to wait for messages, reducing empty responses and API calls.

Question 9

What is SQS FIFO queue used for?

Answer 9

For strict message ordering and exactly-once processing.

Question 10

How is message deduplication handled in SQS FIFO?

Answer 10

Using content-based deduplication or explicit deduplication ID.

Question 11

What is Amazon SNS used for?

Answer 11

To send messages to multiple subscribers (Pub/Sub model).

Question 12

What is the fan-out pattern in SNS?

Answer 12

SNS topic sends the same message to multiple SQS queues.

Question 13

What is Kinesis Data Streams used for?

Answer 13

To capture, process, and store real-time streaming data.

Question 14

What are Kinesis capacity modes?

Answer 14

Provisioned and On-Demand.

Question 15

What is the throughput per shard in Kinesis provisioned mode?

Answer 15

1 MB/s input, 2 MB/s output.

Question 16

What are the consumer types in Kinesis?

Answer 16

Shared (Classic) Fan-out and Enhanced Fan-out.

Question 17

What is Amazon Kinesis Data Firehose?

Answer 17

A fully managed service to load streaming data into AWS data stores.

Question 18

What is Kinesis Data Analytics used for?

Answer 18

To analyze streaming data using SQL or Apache Flink.

Question 19

How is data ordering managed in Kinesis?

Answer 19

Using partition keys to route data to the same shard.

Question 20

How does SQS FIFO handle message ordering?

Answer 20

Using message group IDs for ordered processing within groups.

Question 21

What is the key difference between SQS and SNS?

Answer 21

SQS is a pull-based queue, SNS is a push-based pub/sub system.

Question 22

What is the key use case of Kinesis over SQS?

Answer 22

Real-time big data analytics, streaming ETL, and reprocessing data.

Question 23

What is AWS Cognito used for?

Answer 23

To provide user identities and enable secure access to web and mobile applications.

Question 24

What is a Cognito User Pool?

Answer 24

A serverless user directory for managing sign-up, sign-in, and user profile management.

Question 25

What is a Cognito Identity Pool?

Answer 25

A service to grant users temporary AWS credentials to access AWS services.

Question 26

How do Cognito User Pools integrate with apps?

Answer 26

They integrate with API Gateway and Application Load Balancer for authentication.

Question 27

What kind of login does Cognito User Pool support?

Answer 27

Username/email and password, with optional MFA.

Question 28

What is the use of JWT in Cognito?

Answer 28

It is a JSON Web Token used to authenticate and transfer user claims.

Question 29

What is Cognito Hosted UI?

Answer 29

A customizable web UI for user authentication provided by Cognito.

Question 30

What is Adaptive Authentication in Cognito?

Answer 30

It evaluates risk scores and prompts MFA for suspicious logins.

Question 31

What are Cognito Lambda Triggers?

Answer 31

Custom code hooks triggered during the authentication flow.

Question 32

What is required for Cognito custom domains?

Answer 32

An ACM certificate in us-east-1 and configuration in App Integration.

Question 33

How does ALB use Cognito for authentication?

Answer 33

It offloads user authentication to Cognito using HTTPS listeners.

Question 34

What are the benefits of using Cognito with ALB?

Answer 34

Simplifies auth logic by letting ALB handle user authentication.

Question 35

What identity sources does Cognito Identity Pool support?

Answer 35

Public providers, Cognito User Pools, OIDC, SAML, developer identities.

Question 36

What is unauthenticated access in Identity Pools?

Answer 36

Allows guest users to access AWS services with limited permissions.

Question 37

How does Identity Pool grant AWS credentials?

Answer 37

Using STS and IAM roles based on user identity and policy rules.

Question 38

What are IAM roles in Cognito Identity Pools?

Answer 38

Roles assigned to authenticated and guest users to control access.

Question 39

How do CUP and CIP differ?

Answer 39

CUP is for authentication; CIP is for authorization.

Question 40

Can Cognito support federated identities?

Answer 40

Yes, via User Pools and Identity Pools using OIDC, SAML, and social logins.

Question 41

How can sign-in risk be mitigated in Cognito?

Answer 41

By using adaptive authentication and MFA.

Question 42

What is the trust relationship in IAM roles for Identity Pools?

Answer 42

A trust policy must allow Cognito Identity Pools to assume the role.