Udemy Questions

Question 1

AWS Systems Manager

Answer 1

AWS Systems Manager allows you to centralize operational data from multiple AWS services and automate tasks across your AWS resources. You can create logical groups of resources such as applications, different layers of an application stack, or production versus development environments.

Question 2

AWS Service Health Dashboard

Answer 2

AWS Service Health Dashboard publishes most up-to-the-minute information on the status and availability of all AWS services in tabular form for all Regions that AWS is present in. You can check on this page https://status.aws.amazon.com/ to get current status information.

Question 3

Amazon Inspector

Answer 3

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. Amazon Inspector cannot be used to prevent Distributed Denial-of-Service (DDoS) attack. It cannot provide the status of your AWS resources.

Question 4

AWS Acceptable Use Policy

Answer 4

The Acceptable Use Policy describes prohibited uses of the web services offered by Amazon Web Services, Inc. and its affiliates (the “Services”) and the website located at http://aws.amazon.com (the “AWS Site”). This policy is present at https://aws.amazon.com/aup/ and is updated on a need basis by AWS.

Question 5

AWS Trusted Advisor

Answer 5

AWS Trusted Advisor is an online tool that provides you real-time guidance to help you provision your resources following AWS best practices on cost optimization, security, fault tolerance, service limits, and performance improvement. Whether establishing new workflows, developing applications, or as part of ongoing improvement, recommendations provided by Trusted Advisor regularly help keep your solutions provisioned optimally.

Question 6

AWS Service Quotas

Answer 6

Service Quotas enables you to view and manage your quotas for AWS services from a central location. Quotas, also referred to as limits in AWS, are the maximum values for the resources, actions, and items in your AWS account. Each AWS service defines its quotas and establishes default values for those quotas.

Question 7

Route 53 - Simple Routing Policy

Answer 7

Use for a single resource that performs a given function for your domain, for example, a web server that serves content for the example.com website. You can use simple routing to create records in a private hosted zone.

Question 8

Route 53 - Failover routing policy

Answer 8

Use when you want to configure active-passive failover. You can use failover routing to create records in a private hosted zone.

Question 9

Route 53 - Geolocation routing policy

Answer 9

Use when you want to route traffic based on the location of your users. You can use geolocation routing to create records in a private hosted zone.

Question 10

Route 53 - Geoproximity routing policy

Answer 10

Use when you want to route traffic based on the location of your resources and, optionally, shift traffic from resources in one location to resources in another location. You can use geoproximity routing to create records in a private hosted zone.

Question 11

Route 53 - Latency routing policy

Answer 11

Use when you have resources in multiple AWS Regions and you want to route traffic to the Region that provides the best latency. You can use latency routing to create records in a private hosted zone.

Question 12

IP-based routing policy

Answer 12

Use when you want to route traffic based on the location of your users, and have the IP addresses that the traffic originates from.

Question 13

Multivalue answer routing policy

Answer 13

Use when you want Route 53 to respond to DNS queries with up to eight healthy records selected at random. You can use multivalue answer routing to create records in a private hosted zone.

Question 14

Weighted routing policy

Answer 14

Use to route traffic to multiple resources in proportions that you specify. You can use weighted routing to create records in a private hosted zone.

Question 15

AWS Organizations Best Practices

Answer 15

Create account per department, Restrict account privileges using Service Control Policies (SCP)

Question 16

AWS Systems Manager Session Manager

Answer 16

AWS SSM Session Manager is a fully-managed service that provides you with an interactive browser-based shell and CLI experience. It helps provide secure and auditable instance management without the need to open inbound ports, maintain bastion hosts, and manage SSH keys. Session Manager helps to enable compliance with corporate policies that require controlled access to instances, increase security and auditability of access to the instances while providing simplicity and cross-platform instance access to end-users.

Question 17

AWS Pricing Calculator

Answer 17

AWS Pricing Calculator lets you explore AWS services and create an estimate for the cost of your use cases on AWS. You can model your solutions before building them, explore the price points and calculations behind your estimate, and find the available instance types and contract terms that meet your needs. This enables you to make informed decisions about using AWS. You can plan your AWS costs and usage or price out setting up a new set of instances and services. AWS Pricing Calculator can be accessed at

Question 18

AWS Organizations Benefits

Answer 18

-Quickly scale your environment by programmatically creating new AWS accounts for your resources and teams at no additional charge
-Simplify user-based permission management to give teams the freedom to build while staying within targeted governance boundries
-Manage and optimize costs across your AWS accounts and resources
-Centrally secure and audit your environment across all of your AWS accounts

Question 19

Benefits of Elastic Load Balancing

Answer 19

Faullt Tolerant and high Availability

Question 20

Auto Scaling in EC2

Answer 20

Auto Scaling helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application. You create collections of EC2 instances, called Auto Scaling groups. You can specify the minimum number of instances in each Auto Scaling group, and Amazon EC2 Auto Scaling ensures that your group never goes below this size.

Question 21

Serverless Computing Services

Answer 21

Lambda and FarGate

Question 22

AWS Local Zones

Answer 22

AWS Local Zones allow you to use select AWS services, like compute and storage services, closer to more end-users, providing them very low latency access to the applications running locally. AWS Local Zones are also connected to the parent region via Amazon’s redundant and very high bandwidth private network, giving applications running in AWS Local Zones fast, secure, and seamless access to the rest of AWS services.

Question 23

AWS Instance Store

Answer 23

An instance store provides temporary block-level storage for your EC2 instance. This storage is located on disks that are physically attached to the host computer. Instance store is ideal for the temporary storage of information that changes frequently, such as buffers, caches, scratch data, and other temporary content, or for data that is replicated across a fleet of instances, such as a load-balanced pool of web servers. Instance storage is temporary, data is lost if instance experiences failure or is terminated. EC2 instance store cannot be used for file sharing between instances.

Question 24

AWS Macie

Answer 24

Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Macie automatically provides an inventory of Amazon S3 buckets including a list of unencrypted buckets, publicly accessible buckets, and buckets shared with AWS accounts outside those you have defined in AWS Organizations. Then, Macie applies machine learning and pattern matching techniques to the buckets you select to identify and alert you to sensitive data, such as personally identifiable information (PII).

Question 25

AWS Glue

Answer 25

AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics. AWS Glue job is meant to be used for batch ETL data processing. It cannot be used to discover and protect your sensitive data in AWS.

Question 26

AWS Secrets Manager

Answer 26

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs, eliminating the need to hardcode sensitive information in plain text. It cannot be used to discover and protect your sensitive data in AWS.

Question 27

VPC Peering

Answer 27

A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them privately. Instances in either VPC can communicate with each other as if they are within the same network. You can create a VPC peering connection between your VPCs, with a VPC in another AWS account, or with a VPC in a different AWS Region.

Question 28

VPC Endpoint

Answer 28

VPC endpoint enables you to privately connect your VPC to supported AWS services and VPC endpoint services powered by AWS PrivateLink without requiring an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. You cannot connect two VPCs using a VPC endpoint.

Question 29

U2F Security Key

Answer 29

Universal 2nd Factor (U2F) Security Key is a device that you can plug into a USB port on your computer. U2F is an open authentication standard hosted by the FIDO Alliance. When you enable a U2F security key, you sign in by entering your credentials and then tapping the device instead of manually entering a code.

Question 30

Amazon Transcribe

Answer 30

Speech-to-text

Question 31

Amazon Polly

Answer 31

Text-to-speech

Question 32

AWS Enterprise

Answer 32

Has Training and self paced labs

Question 33

AWS OpsWork

Answer 33

AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers. OpsWorks lets you use Chef and Puppet to automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments.

Question 34

AWS Chef and Puppet

Answer 34

Automation platforms that allow you to use code to automate configuration of servers

Question 35

AWS Batch

Answer 35

A fully managed batch computing service that plans, schedules, and runs your containerized batch ML, simulation, and analytics workloads across the full range of AWS compute offerings, such as Amazon ECS, Amazon EKS, AWS Fargate, and Spot or On-Demand Instances.

Question 36

S3 Storage Classes - Standard

Answer 36

General purpose storage for frequently accessed data
Low latency and high throughput performance
Designed to deliver 99.99% availability with an availability SLA of 99.9%

Question 37

S3 Storage Classes - Intelligent Tiering

Answer 37

Automatically reduces storage costs by moving data to the most cost-effective access tier based on frequency. It offers low-latency performance and savings of up to 40% for infrequently accessed data. There are no retrieval charges, and objects can be moved between tiers without additional charges.

Question 38

S3 Storage Classes - Express One Zone

Answer 38

A high-performance storage class that offers fast data access and reduced costs compared to S3 Standard. It allows you to select a specific Availability Zone within a Region to store your data, optimizing performance and lowering compute costs. It supports services like Amazon SageMaker, Athena, EMR, and Glue Data Catalog for accelerated ML and analytics workloads. S3 Express One Zone automatically scales based on your needs and delivers 99.95% availability.

Question 39

S3 Storage Classes - Standard Infrequent-Access (IA)

Answer 39

A storage class for data that is accessed less frequently but requires fast access when needed. It offers high durability, throughput, and low latency, making it suitable for long-term storage, backups, and disaster recovery files. S3 Standard-IA has a low storage price and retrieval charge. It provides the same performance as S3 Standard and delivers 99.9% availability with an SLA of 99%.

Question 40

S3 Storage Classes - One-Zone Infrequent Access (IA)

Answer 40

A storage class for infrequently accessed data that requires fast access. It stores data in a single Availability Zone, costing 20% less than S3 Standard-IA. It offers high throughput, low latency, and 11 nines of durability. S3 One Zone-IA is suitable for secondary backups, easily re-creatable data, and cost-effective storage for replicated data. It delivers 99.5% availability with an SLA of 99%.