Miscellaneous Flashcards
(151 cards)
1
Q
cAWS Acceptable Use Policy
A
provides info on prohibited actions on the AWS.
2
Q
AWS Services where users can collect, view, and analyze metrics for every active SNS
A
Amazon SNS and Amazon CloudWatch
3
Q
AWS CloudTrail
A
service logging all API calls made in your AWS account, for compliance and auditing
4
Q
Which component of the AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery?
A
Edge Locations
- uses a global network of points of presence PoP (edge locations) worldwide.
5
Q
AWS Secrets Manager
A
store, retrieve, monitor secrets centrally.
ex: database credentials
6
Q
AWS Management Console
A
used to access and manage AWS through a web-based user interface.
7
Q
AWS Shield
A
managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS.
8
Q
AWS Trusted Advisor
A
recommendations/guidance that help you follow AWS best practices; w/ cost optimization, security, performance.
9
Q
CloudWatch
A
monitoring service, collects metrics, can set billing alarms for your AWS resources
10
Q
AWS Budgets
A
billing notification when your actual or forecasted costs exceed your budgeted amount
11
Q
Difference between AWS Budgets and Amazon CloudWatch billing alarms?
A
Amazon CloudWatch billing alarms alert you only when your actual cost exceeds a certain threshold, while AWS Budgets can be configured to alert you when the actual or FORECASTED cost exceeds a certain threshold.
12
Q
3 Cloud Computing Models
A
IaaS
PaaS
Saas
13
Q
IaaS
A
Infrastructure as a Service (IaaS) - provides flexibility and management control over your IT resources (EC2 is IaaS)
14
Q
PaaS
A
Platform as a Service (PaaS) -
manages infrastructure (hardware and operating systems). you focus on the deployment and management of your applications.
15
Q
SaaS
A
Software as a Service (SaaS) provides you with a completed product that is run and managed by the provider.
16
Q
TAM (Technical Account Manager)
A
Enterprise customers.
Provides technical expertise of AWS services
17
Q
Infrastructure Event Management (IEM)
A
Enterprise customers.
helps you plan for large-scale events
( such as product or application launches )
18
Q
AWS Cost & Usage Report
A
most detailed information about your AWS costs and usage.
19
Q
AWS Pricing Calculator
A
web service, estimate cost for your AWS monthly bill based on your expected (FUTURE) usage
20
Q
AWS Systems Manager
A
view operational data and automate tasks from multiple AWS services
21
Q
CloudFront
A
content delivery network (CDN) service that securely delivers data, video, apps TO customers globally with low latency & high speed
22
Q
CloudFormation
A
allows you to manage your AWS resources as code in text file
23
Q
Amazon Kinesis Video Streams
A
lets you stream videos from devices TO AWS for analytics in real time.
24
Q
AWS Organizations
A
helps manage billing and all your AWS accounts;
25
AWS Config
helps AWS customers audit and monitor all resource change
26
AWS Artifact
portal to your AWS agreements, security and compliance reports
27
AWS Certificate Manager
service to manage, and deploy Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services
28
AWS Support Concierge
***Enterprise Support plan***; assist customers w/ billing and account inquiries
29
AWS Customer Service
all aws customers have. they help AWS customers with their billing and account inquiries
30
AWS Operations Support
Enterprise Support plan; provides operations assessments and analysis to identify gaps across the operations lifecycle, as well as recommendations based on best practices.
31
AWS Health Dashboard
Business Support Plan.
view of the health of AWS services, and alerts when your resources are impacted.
32
Penetration testing
testing a network or web app to find security vulnerabilities (that an attacker could exploit. security related.)
33
Amazon ElastiCache
web service helps deploy, scale in-memory data store or cache in the cloud. improves the performance of web apps.
provide ultrafast and inexpensive access to copies of data
34
AWS Storage Gateway
(bridge) a hybrid storage service that enables your on-premises applications to seamlessly use AWS cloud storage.
35
Amazon EBS volume
Elastic Block Store
storage option; offer consistent and low-latency performance;
**** can only be attached to 1 compute resource at a time
36
AWS OpsWorks
service that provides managed instances of Chef and Puppet.
Chef and Puppet are automation platforms, use code to automate the configs of your servers
37
AWS Abuse Team
team can assist you when AWS resources are being used to engage in abusive behavior
37
AWS Abuse Team
team can assist you when AWS resources are being used in abusive behavior
38
Amazon Simple Queue Service (SQS)
message queuing service that enables message communication between components of an application.
- enables you to DECOUPLE (build loosely-coupled) and scale microservices
39
Snowball
petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS cloud.
w/ built-in computing capabilities that allow to process data locally
40
Amazon VPC
Virtual Private Cloud (Amazon VPC)
Non-managed AWS service you provision an isolated section of the AWS Cloud where you launch AWS resources in a virtual network.
41
AWS Cost Explorer
tool to visualize your costs and usage.
forecasts your future costs based on your PAST usage
42
Edge locations
used by CloudFront to cache and distribute content to your global customers with low latency.
43
Amazon Inspector
security service that helps you improve / test the security and compliance of your apps on AWS.
44
Amazon Aurora
MySQL and PostgreSQL-compatible relational database built for the cloud. (automatically replicate data across Availability Zones.)e
45
Amazon Athena
query service to analyze data in Amazon S3 using SQL. (like Amazon Redshift Spectrum)
46
Auto Scaling
automatically replaces unhealthy nodes and adjusts capacity to maintain app performance
47
What service does AWS provide to help protect AWS Customers from attacks?
Amazon Route 53, Amazon CloudFront, Elastic Load Balancing, and AWS WAF. These services integrate with AWS Shield
48
AWS Shield
managed DDoS protection service that provides always-on detection and automatic inline mitigations to safeguard web applications running on AWS.
49
Cloud9
cloud based IDE
50
Which cloud computing model is EC2?
IaaS
51
APN consulting partners
firms that help customers design, architect, build their workloads and apps on AWS.
52
AWS CLI
control multiple AWS services from the command line & scripts
53
Route 53
DNS (Domain Name System) config/management.
can perform health checks on Amazon EC2 instances
managing global application traffic
54
Elasticity
scale the resources dynamically, by adding and removing resources.
ability to scale up or down when needed.
55
Scalability
adding resources, either making hardware larger (scaling vertically) or adding additional nodes (scaling horizontally).
56
TCO
Total Cost of Ownership (TCO) financial metric to compare costs of a product
57
AWS NACL
Network Access Control Lists
used to check the network accessibility of your EC2 instances
58
Multi-Region Active-Active architecture
your workload is deployed to, and actively serving traffic from, multiple AWS Regions
59
Multi-Region Active-Passive architecture
your workload is deployed to two AWS Regions
60
Savings Plans are available for which AWS compute services? (2)
Lambda and EC2
61
AWS Beanstalk
easy-to-use service for deploying and scaling web apps w/ code
62
AWS Transit Gateway
simplifies how customers interconnect all of their VPC
63
AWS Service Catalog
create and manage IT services for AWS
64
AWS SDK
use AWS services in your apps with API using your programming language
65
Amazon (EMR)
Elastic MapReduce (AWS-Managed Service)
process large amounts of data sets
66
High availability
eliminating single points of failure.
- achieved by deploying your app in multiple Availability Zones in a single Region
- A system is highly available when it can withstand the failure components, such as hard disks, servers, and network links.
67
AWS X-Ray
helps you troubleshoot your app. ex: performance related stuff
68
AWS CodePipeline
service that helps you automate your pipelines
69
Amazon ECR
Elastic Container Registry
container registry offering hosting to deploy app images and artifacts.
70
hypervisor
protect the physical hardware, storage
71
Patch Manager
automates the process of patching Windows and Linux managed instances
72
Fault tolerance
enables a system to continue operating properly in the event of the failure
73
Amazon Redshift
data warehouse service (unlike a database service like Dynamo), a warehouse service is for analytical queries rather than transactional queries
74
Security groups
-for Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level
75
Application Load Balancer
best for load balancing of HTTP(S) traffic.
76
AWS Direct Connect
establish a dedicated network connection from on-premises to AWS
77
Amazon Machine Image
template that contains a software configuration
78
Savings Plans
offers low prices on EC2, Lambda, and Fargate
79
Amazon RDS Read Replicas
provide enhanced performance for database instances
80
Which AWS offerings are serverless services?
Lambda & DynamoDB (fully managed)
81
AWS Well-Architected Framework
scaling horizontally
82
tightly-coupled
monolithic architectures run as a single service
83
loosely-coupled
microservice architecture. independently run services; components don't develop on each other.
84
tightly-coupled
monolithic architecture. all processes run as a single service
85
3 AWS services that can help you build loosely-coupled applications?
SQS, SNS and EventBridge(CloudWatch Events)
86
AWS ELB
Elastic Load Balancing .
Used to distribute traffic automatically to, for example: Amazon EC2 instances, Lambda functions..... etc
87
tags
key-value pairs that allow you to track usage and spending into groups
88
Greatest impact on cost
Compute, Storage and Data transfer OUT
89
Amazon Lightsail
- low-cost Virtual Private Server (VPS) in the cloud
-easiest way to launch and manage a site built on WordPress, etc.
90
AWS Resource Groups
Managing of all AWS resources as a group.
ex: different environments: development, testing, and production, Resource Groups for each environment to view and manage your resources
91
AWS CodeBuild
service that lets you compile and test your code.
92
AWS CodeCommit
used to store and version source code
93
AWS CodeDeploy
used to deploy application code to Amazon EC2, AWS Fargate, AWS Lambda etc
94
AWS CodePipeline
automates committing code ( to AWS CodeCommit) to deploying it (with AWS CodeDeploy)
95
Chat access to AWS Support Engineers is available at which tiers?
Business & Enterprise
96
AWS Global Accelerator
improves the availability and performance of the applications for your global users
97
AWS KMS
AWS Key Management Service
Lets you create, manage, and control cryptographic keys across your apps
98
Amazon Macie
Security service, uses machine learning to protect sensitive data in AWS
99
Amazon Redshift Spectrum
run SQL queries in Amazon S3 (like Athena)
100
Amazon Comprehend
a Natural Language Processing (NLP) service that uses machine learning to find meaning in text
101
AWS CloudHSM
Hardware Security Module (HSM) that enables you to generate your own encryption keys
102
Business Support plan
24x7 access to technical support
103
AWS WAF
firewall that protect web apps from attacks. you configure rules that BLOCK TRAFFIC based on conditions
104
Amazon CodeGuru
provides recommendations to improve code quality
105
Amazon EFS
Amazon Elastic File System
designed for high availability and durability storing data redundantly across multiple Availability Zones
provides scalable, elastic file storage; use with AWS Cloud services and on-premises resources
106
seven design principles for security in the cloud:
1. Implement a strong identity foundation
2. Enable traceability
3. Apply security at all layers
4.Automate security best practices
5.Protect data in transit and at rest
6. Keep people away from data
7.Prepare for security events
107
Amazon ECS launch types (2):
Fargate launch type (serverless, and you have less control)
EC2 launch type (server-based, you have more control).
108
Inherited Controls
Physical and Environmental controls (Controls which a customer fully inherits from AWS.)
109
Primary storage service used by Amazon RDS database instances?
EBS (Elastic Block Store)
110
AWS Cognito
lets you add user sign-up, sign-in, and access control to your apps
111
Amazon SES
Amazon Simple Email Service.
-cloud-based email sending service designed to help digital marketers and developers send marketing, notification, and transactional emails.
112
EC2 instance billing
instances billed one second increments, minimum of 1 minute.
113
What is the primary storage service used by Amazon RDS database instances?
(Amazon EBS) Amazon Elastic Block Store volumes for database storage.
114
Based on the AWS Shared Responsibility Model, which of the following are the sole responsibility of AWS?
Hardware maintenance
Creating hypervisors
115
AWS ACM
AWS Certificate Manager
service that lets you manage, SSL/TLS certificates for use with AWS services
116
Amazon Cloud Directory
directory service to manage your aws resources such as users, groups, locations, devices, and policies
117
Which AWS services or features support data replication across AWS Regions?
Amazon S3(Cross-Region Replication) and Amazon RDS (read replicas across Regions)
118
Which Amazon EC2 pricing model adjusts based on supply and demand of EC2 instances
Spot Instance
119
Savings Plans
flexibility to use the instance configurations that best meet your needs, instead of making a commitment to a specific instance configuration
120
AWS Professional Services
team of experts that helps customers realize their desired business outcomes when using AWS
121
Reserved Instance types?
Standard or Convertible (can be changed)
122
In Amazon RDS databases AWS is responsible for:
1- Managing the underlying infrastructure
2- Managing the operating system.
3- Database setup.
4- Patching and backups.
123
EBS Pricing based on?
Volumes and Snapshots
124
Why are Serverless Architectures more economical than Server-based Architectures?
Serverless architectures can reduce costs because you do not have to manage or pay for underutilized servers, or provision redundant infrastructure to implement high availability.
125
Amazon Connect
cloud-based customer contact center solution.
126
Amazon DynamoDB
(AWS Managed Service) A NoSQL database. non-relational db. uses a key-valuesto store and retrieve data. does NOT do complex queries
127
Parallelize tasks
use a load balancer to distribute the incoming requests across multiple instances
128
Adjusting compute capacity dynamically to reduce cost is an implementation of which AWS cloud best practice?
Implement elasticity, meaning they can instantly grow ( to maintain performance) or shrink ( to reduce costs).
129
Adjusting compute capacity dynamically to reduce cost is an implementation of which AWS cloud best practice?
Implement elasticity, meaning they can instantly grow ( to maintain performance) or shrink ( to reduce costs).
130
AWS-Managed Service
AWS Lambda,
Amazon RDS,
Amazon Redshift,
Amazon CloudFront,
Amazon S3,
DyanmoDB,
AWS EMR.
131
AWS Managed Services (AMS) service
operates AWS on behalf of enterprise customers and partners
132
The principle “design for failure and nothing will fail” is very important when designing your AWS Cloud architecture. Which of the following would help adhere to this principle?
Elastic Load Balancing
Availability Zones
133
Which S3 storage class is best for data with unpredictable access patterns?
S3 Intelligent-Tiering
134
AWS Organizations has five main benefits:
1) Centrally manage access polices across multiple AWS accounts.
2) Automate AWS account creation and management.
3) Control access to AWS services.
4) Consolidate billing across multiple AWS accounts.
5) Configure AWS services across multiple accounts.
135
Six Pillars of the AWS Well-Architected Framework:
1- Operational Excellence (ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedure)
2- Security (protect information, systems, and assets)
3- Reliability (system to recover from infrastructure or service disruptions)
4- Performance Efficiency ( ability to use computing resources efficiently to meet system requirements)
5- Cost Optimization
6- Sustainability
136
Which AWS Support Plans gives you 24/7 access to Cloud Support Engineers via email, chat or phone?
Enterprise and Business
137
Federation
can use single sign-on to access your AWS accounts using credentials from your corporate directory
138
IAM Permissions
let you specify the desired access to AWS resources. Permissions are granted to IAM entities (users, user groups, and roles), by default these entities start with no permissions.
139
What does Amazon GuardDuty do to protect AWS accounts and workloads?
continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts
integrates with Amazon CloudWatch Events and AWS Lambda to allow you to set up automated remediation actions against discovered security issues.
140
services that automatically replicate data across Availability Zones.
S3
Amazon Aurora
140
services that automatically replicate data across Availability Zones.
S3
Amazon Aurora
141
AWS provides three pricing models:
1- Pay-as-you-go (NO upfront fee)
2- Save when you commit
3- Pay less by using more
142
Business Support provides:
full set of Trusted Advisor checks and guidance
AWS Health API i
143
Which plan provides 15 minutes response-time support if your business critical system goes down
Enterprise
144
Which plan provides 1 hour response-time support if your business critical system goes down
Business
145
According to the AWS shared responsibility model, what are the controls that customers fully inherit from AWS?
physical controls and environmental controls.
146
IAM role
IAM identity that you can create in your account that has specific permissions and is assumable by anyone who needs it
* does not have standard long-term credentials
147
What can AWS customers do to benefit from the elasticity of the AWS Cloud?
Serverless Computing provides the highest level of elasticity. Serverless enables you to build modern applications with increased agility and lower total cost of ownership.
148
On-Demand instances
You can increase or decrease your compute capacity depending on the demands of your application and only pay for what you use
Remove the need to buy “safety net” capacity to handle periodic traffic spikes.
good for unpredictable workloads
149
Amazon SNS
fully managed messaging service for both application-to-application (A2A) and application-to-person (A2P)
