Technology Flashcards
Main differences between Dedicated Instances and Dedicated Hosts?
Dedicated Hosts:
1) Provide additional visibility and control over how instances are placed on a physical server, and how to deploy instances to the same physical server over time.
2) Allow use of existing/owned server-bound software licenses to address corporate compliance and regulations.
3) Per host billing
4) Visibility of sockets, cores, host ID
5) Affinity between a host and instance
6) Add capacity using an allocation request
Dedicate Instances:
1) Per instance billing (subject to a $2 per region fee)
Main similarities between Dedicated Instances and Dedicated Hosts?
1) Enables the use of dedicated physical servers
2) Automatic instance placement
You have noticed that several critical Amazon EC2 instances have been terminated. Which of the following AWS services would help you determine who took this action?
1) AWS CloudTrail
2) Service that enables governance, compliance, operational auditing, and risk auditing for you AWS Account.
3) Can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure.
4) Provides event history of AWS account activity including actions taken through the AWS Management console, AWS SDKs, and Command Line tools, and other AWS services. It simplifies security analysis, resource change tracking, and troubleshooting.
What is Amazon Inspector?
1) Automated security assessment service that helps improve the security compliance of applications deployed on AWS.
What is AWS Trusted Advisor?
1) An online tool that provides real time guidance to help you provision your resources following AWS best practices.
2) It offers a rich set of best practice checks and recommendation across five categories: cost optimization, security, fault tolerance, performance, and service limits.
3) Improves security of your application by closing gaps, enabling various AWS security features, and examining your permissions.
4) The core security checks include:
#1- Checks Security Groups for rules that allow unrestricted access to specific ports
#2- Checks Amazon S3 Buckets that have open access permissions.
#3- Checks the root account and warns if Multi-Factor Authentication (MFA) is not enabled.
What is AWS Shield?
1) Managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS.
What is AWS Management Console?
1) It’s a simple and intuitive web-based user interface used to access and manage Amazon Web Services.
2) The console doesn’t provide any recommendations.
What is Amazon Aurora?
1) It’s a database service
The identification process of an online financial services company requires that new users must complete an online interview with their security team. After verifying users’ identities, the recorded interviews are only required in the event of a legal issue or a regulatory compliance breach. What is the most cost-effective service to store the recorded videos?
1) Amazon Glacier
2) Extremely low-cost storage service that provides secure, durable, and flexible storage for long-term data backup and archival.
3) Store data for at least $0.004 per gigabyte per month
4) Customers can avoid administrative burdens of long term data storage.
What is S3 Intelligent-Tiering?
1) It is the ideal storage class for long-lived data with access patterns that are unknown or unpredictable.
2) Designed to optimize costs by automatically moving data to the most cost-effective access tier, without performance impact or operational overhead. It works by storing objects in two access tiers: one tier that is optimized for frequent access and another lower-cost tier that is optimized for infrequent access.
3) For a small monthly monitoring and automation fee per object, Amazon S3 monitors access patterns of the objects in S3 Intelligent-Tiering, and moves the ones that have not been accessed for 30 consecutive days to the infrequent access tier. If an object in the infrequent access tier is accessed, it is automatically moved back to the frequent access tier. There are no retrieval fees when using the S3 Intelligent-Tiering storage class, and no additional tiering fees when objects are moved between access tiers.
What S3 storage classes is ideal for data with unpredictable access patterns?
Amazon S3 Intelligent-Tiering
What is Amazon S3 Standard?
1) offers high durability, availability, and performance object storage for frequently accessed data.
What is Amazon S3 Standard-Infrequent Access?
1) S3 Standard-IA is for data that is accessed less frequently, but requires rapid access when needed
What are the benefits of Amazon Simple Storage Solution (S3)?
1) Stores any number of objects, but with object size limits. Individual Amazon S3 objects can range in size from a minimum of 0 bytes to a maximum of 5 terabytes.
2) Provides unlimited storage for any type of data.
3) Provides 11 9’s (99.999999999%) of data durability.
4) Offers highly available, and infinitely scalable data storage infrastructure at very low costs.
5) provides query-in-place functionality, allowing you to run powerful analytics directly on your data at rest in S3.
What is Amazon Elastic File System (EFS)?
1) It’s a “file-level” storage technology that provides massively parallel shared access to thousands of Amazon EC2 instances, enabling your applications to achieve high levels of aggregate throughput and IOPS with consistently low latencies.
2) Amazon EFS is a file level storage that provides a scalable, elastic file system for Linux-based workloads for use with AWS Cloud services and on-premises resources. Amazon EFS cannot be used to store Amazon RDS DB instances.
What is Amazon Instance Store?
1) Provides temporary “block-level” storage for your EC2 instances.
2) Instance store is ideal for temporary storage of information that changes frequently, such as buffers, caches, scratch data, and other temporary content.
What is Amazon Virtual Private Cloud (VPC)?
1) Amazon Virtual Private Cloud (Amazon VPC) lets customers provision a logically isolated section of the AWS Cloud where they can launch AWS resources in a virtual network that they define.
2) Customers complete control over their virtual networking environment.
3) Amazon VPC is not a managed service, customers are responsible for managing almost everything when using the Amazon VPC service.
What is Amazon Elastic Compute Cloud (EC2)?
1) Amazon Elastic Compute Cloud (Amazon EC2) is a service that gives customers complete control over their compute resources.
2) Apart from patching the underlying host - which is the responsibility of AWS - customers are responsible for managing almost everything in their server instances when using Amazon EC2.
What is AWS Identity Access Management (IAM)?
1) AWS Identity and Access Management (IAM) enables customers to manage access to AWS services and resources securely.
2) Using IAM, customers can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
What is Amazon Elastic MapReduce (EMR)?
1) EMR is used to process vast amounts of data easily and securely.
2) Use cases include: big data,log analysis, web indexing, data transformations (ETL), machine learning, financial analysis, scientific simulation, and bioinformatics.
What is AWS Config?
1) AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance.
2) With AWS Config you can discover existing AWS resources, export a complete inventory of your AWS resources with all configuration details, and determine how a resource was configured at any point in time.
3) These capabilities enable compliance auditing, security analysis, resource change tracking, and troubleshooting.
What is Amazon Kinesis Video Streams?
1) Amazon Kinesis Video Streams enables you to securely stream video from connected devices (IoT devices) to AWS for analytics, machine learning (ML), playback, and other processing.
2) Kinesis Video Streams automatically provisions and elastically scales all the infrastructure needed to ingest streaming video data from millions of devices.
3) It durably stores, encrypts, and indexes video data in your streams, and allows you to access your data through easy-to-use APIs.
What is Amazon Simple Notification Services (SNS)?
1) Amazon Simple Notification Service (SNS) is a fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications.
2) Using Amazon SNS topics, your publisher systems can fan out messages to a large number of subscriber endpoints for parallel processing, including AWS Lambda functions, and HTTP/S webhooks.
3) Additionally, SNS can be used to fan out notifications to end users using mobile push, SMS, and email.
What does AWS Personal Health Dashboard provide?
1) AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you.
2) While the Service Health Dashboard displays the general status of AWS services, Personal Health Dashboard gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources.
3) The benefits of the AWS personal health dashboard include:
* *A personalized View of Service Health: Personal Health Dashboard gives you a personalized view of the status of the AWS services that power your applications, enabling you to quickly see when AWS is experiencing issues that may impact you. For example, in the event of a lost EBS volume associated with one of your EC2 instances, you would gain quick visibility into the status of the specific service you are using, helping save precious time troubleshooting to determine root cause.
* *Proactive Notifications: The dashboard also provides forward looking notifications, and you can set up alerts across multiple channels, including email and mobile notifications, so you receive timely and relevant information to help plan for scheduled changes that may affect you. In the event of AWS hardware maintenance activities that may impact one of your EC2 instances, for example, you would receive an alert with information to help you plan for, and proactively address any issues associated with the upcoming change.
* *Detailed Troubleshooting Guidance: When you get an alert, it includes remediation details and specific guidance to enable you to take immediate action to address AWS events impacting your resources. For example, in the event of an AWS hardware failure impacting one of your EBS volumes, your alert would include a list of your affected resources, a recommendation to restore your volume, and links to the steps to help you restore it from a snapshot. This targeted and actionable information reduces the time needed to resolve issues.
