Old Cards

Question 1

How many copies of Aurora for High AVailability

Answer 1

2 per AZ, 3 AZ minimum

Question 2

How many copies for Aurora’s databases can be lost before affecting: a) Write b) Read

Answer 2

a) 2
b) 3

Question 3

How does Aurora know there’s a failure

Answer 3

Continuous scans for data block errors

Question 4

In Route53, what happens to a node with a failed health check

Answer 4

The node is removed until it becomes heathy

Question 5

What is the retention window for Kinesis Streams

Answer 5

1 - 7 days; the default is 1

Question 6

Which can run in multi-AZ: Memcached or Redis

Answer 6

Redis

Question 7

In Cognito, what are Identity Pools

Answer 7

A store of Identity data, providing temporary AWS credentials

Question 8

Describe the Backup and Restore strategy of RDS

Answer 8

Full backup, with Transaction logs during the day, stored in S3
Restore specified day, along with Transaction logs

Question 9

What happens to RDS during backups

Answer 9

I/O may be suspended or there may be latency

Question 10

In DNS, what is a PTR record

Answer 10

It is a reverse A record (ie: an IP address to a domain)

Question 11

What are 3 levels of Flow Logs

Answer 11

VPC
Subnet
Network Interface

Question 12

What are 4 types of S3 Encryption

Answer 12

SSE-S3
SSE-KMS
SSE-C
Client Library

Question 13

What are 3 ways to add scale to a MySQL RDS instance

Answer 13

Add Read Replicas
Provision a larger EC2 instance
Use Elasticache for frequently read, static data

Question 14

What are 2 types of CloudWatch Dashboards

Answer 14

Global
Regional

Question 15

What are 3 types of Placement Groups

Answer 15

Clustered: Instances in a single AZ
Spread: Instances in multiple AZs
Partitioned: Instances spread across multiple partitions in each AZ

Question 16

Which scales Horizontally: Memcached or Redis

Answer 16

Memcached

Question 17

In Cognito, what are User Portals

Answer 17

User Directories, allowing users to Sign Up and Log into apps using a JSON Web Token (JWT)

Question 18

Do Elastic Load Balancers have an IP Address

Answer 18

No, they have a DNS Name

Question 19

What Statuses do Instances have in an Elastic Load Balancer

Answer 19

In Service
Out of Service

Question 20

What are the Task/Message differences in SWF and SQS

Answer 20

SWF is Task-based
SQS is Message-based

Question 21

What are the Assigned/Process differences in SWF and SQS

Answer 21

SWF Tasks are assigned only once and never duplicated
SQS Messages may be processed multiple times

Question 22

What are the Tracking differences in SWF and SQS

Answer 22

SWF tracks Tasks and Events
SQS doesn’t track anything

Question 23

Given the choice, should I use a CNAME or an Alias record

Answer 23

Always use an Alias; they are cheaper and can be used on an Elastic Load Balancer

Question 24

In SQS, what does the attribute DelaySeconds do

Answer 24

SQS will hide a new message for the specified time

Question 25

In SWF, what is the maximum time a Task can remain in a workflow

Answer 25

One year

Question 26

In Route53, what is MultiValue routing

Answer 26

Send traffic from a random set of healthy nodes to a single resource

Question 27

What three ways can you allow communication between a VPC and On-Premises

Answer 27

1) Configure a VPC subnet that doesn’t conflict with subnets on the On-Premises network
2) Add an Internet Gateway to the VPC for VPN connectivity
3) Configure Direct Connect

Question 28

What are the rules for AMI publication

Answer 28

1) Disable Services and Protocols that authenticate in cleartext (ie: FTP)
2) Don’t start unnecessary services (ie: only SSH and RDP)
3) Securely delete:
- AWS credentials
- Third party credentials
- Any certificates and keys
4) Ensure installed software doesn’t use default credentials

Question 29

What parts of the AWS Infrastructure does AWS secure

Answer 29

Data Centers
Hardware
MFA Appliances
24x7 Site Security
Least Access

Question 30

What are your responsibilities for securing AWS resources

Answer 30

Anything you put on or connect to the cloud

Question 31

What are 2 ways you can revert from Dedicated to Default hosting

Answer 31

Use the AWS CLI to change the VPC’s Tenancy
Use the AWS CLI to change the Instance Placement attribute

Question 32

What happens when a Spot instance’s Bid Price is exceeded

Answer 32

The Instance-Action variable is created
The Action variable is set to Terminate
The time value is set to 2 minutes in the future

Question 33

In SQS, what is the maximum Visibility Timeout

Answer 33

14 days

Question 34

In SQS, what does WaitTimeSeconds do

Answer 34

The amount of time to wait for messages

Question 35

Do you create Roles for Users, Groups or Services

Answer 35

Services

Question 36

Describe Disk and Memory security for instances

Answer 36

No access to raw disk
Virtual drives are auto-reset for all blocks
Memory is zero set before release

Question 37

What are the 3 Actors for SWF

Answer 37

Workflow Starter: app that initiates the workflow
Activity Workers: Carry out tasks (can be a human)
Decider: Controls the flow of Activity Workers

Question 38

What are the 5 areas checked by Trusted Advisor

Answer 38

Cost Optimization
Performance
Security
Fault Tolerance
Service Limits

Question 39

How long can a SQS message remain in the queue

Answer 39

1 - 14 days; default is 4 days

Question 40

What type of storage is used in RedShift

Answer 40

Columnar storage

Question 41

What type of compression is used in RedShift

Answer 41

Advanced Compression based upon data

Question 42

How does RedShift distribute processing

Answer 42

Massively Parallel Processing

Question 43

What are the 4 support options

Answer 43

Basic
Developer
Business
Enterprise

Question 44

What are the 4 parts of CloudWatch

Answer 44

1) Alarms: Notification when threshold is reached
2) Events: Respond to state changes (ie: EC2 start up)
3) Logs: Aggregate, Monitor and Store logs (requires EC2 Agent)
4) Dashboards: Customized display

Question 45

How do you make an EC2 instance publicly available when you’ve forgotten to assign a public IP Address

Answer 45

Create an Internet Gateway
Create an Elastic IP Address (EIP)
Associate the EIP to the instance

Question 46

You are creating a VPN to connect a customer network to a VPC.
What 3 things do you need to configure

Answer 46

An On-Premises Customer Gateway
A Virtual Private Gateway
A VPC with a hardware VPN

Question 47

In RDS, what are the attributes of Read Replicas

Answer 47

Asynchronous Replication
Must enable Automated Backups

Question 48

What RDS database engines support Multi-AZ with two readable standbys

Answer 48

MySQL and PostgreSQL

Question 49

In RDS, what are the attributes of Multi-AZ deployments

Answer 49

Automatic Failover
Synchronous Replication

Question 50

What are the 3 DynamoDB structures

Answer 50

Collection (table)
Document (record)
Key/Value Pair (field)

Question 51

In RDS, what are 2 types of backups

Answer 51

Automated
Snapshot

Question 52

In RDS, what happens when you restore

Answer 52

A new instance is created

Question 53

What is needed to create an Elastic Load Balancer (ELB)

Answer 53

At least 2 Public subnets in different AZs

Question 54

How many IP Addresses are reserved per subnet

Answer 54

The first 4 and the Last IP addresses

Question 55

For which S3 Events can you send notifications

Answer 55

Put
Post
Copy
Delete

Question 56

What are the 3 types of Glacier

Answer 56

Instant Retrieval: Archive data accessed once a quarter. Retrieval times in milliseconds, minimum of 90 days of storage

Flexible Retrieval: Archive data accessed 1-2 times per year. Minimum of 90 days of storage. Retrieval times:
- Expedited: 1 - 5 minutes
- Standard: 3 - 5 hours
- Bulk: 5 - 12 hours

Deep Archive: Long-lived archive data accessed less than once per year. Minimum of 180 days of storage. Retrieval times:
- Standard: Within 12 hours
- Bulk: Within 48 hours

Question 57

What are the 3 data formats supported by Athena

Answer 57

JSON
Apache Parquet
Apache ORC

Question 58

What are the 5 types of traffic not logged in a Flow Log

Answer 58

AWS DNS traffic
EC2 Windows License Activation
Instance Meta data on 169.254.169.254
DHCP traffic
VPC reserved IP Address traffic