Free exam questions 27-40
What is the default retention period of a Kinesis data stream and what is the maximum?
24 hours default, 365 days max.
What is a CDN and when should you use it?
A content delivery network should be used when you have content that needs to be distributed to users across different geographic locations and you want to improve the speed, reliability, and availability of content delivery.
What is Amazon CloudWatch?
A service used to monitor the health and performance of AWS resources and apps. It can troubleshoot, optimize resource use, and ensure system reliability.
How can you privately manage EC2 instances in a public subnet of your VPC?
Creating a secondary network interface in different subnets of the VPC.
When does Secrets Manager know to rotate secrets? When does it not know, and what should you do in this case?
For supported databases such as RDS, but not other secret types like API keys. In those cases, users need to customize the Lambda rotation function.
What do HPC instances stand for?
High Performance Computing instances
What is a launch type? What are the two launch types?
In Amazon ECS, a launch type determines the type of infrastructure that is used to run your containerized applications. The two launch types are Fargate and EC2.
How are lifecycle hooks used?
In Auto Scaling groups to perform custom actions during instance launch or termination. This includes data backups, health checks, and load balance registration/deregistration.
What is a limitation of hibernation?
It does not work with autoscaling groups - the group will mark the instance as unhealthy if hibernated and terminate the instance.
What does SSH traffic stand for and what is it?
Secure Shell traffic is a type of network traffic that allows users to securely connect to and manage remote systems over the internet.
What does the aggregation_dimensions configuration do in CloudWatch?
Specify what dimensions to use when aggregating metrics. Dimensions include things like region, instance type, and availability zone
What is a limitation of AWS Outposts?
The EC2 launch type is only supported with Amazon ECS.
What is a principal element?
The entities that are granted permission to access AWS resources. This can be an AWS account, user, group, or application.
What are cooldown timers used for?
They are used in an AWS Auto Scaling to prevent rapid scaling events and stabilize the number of instances in a group. It prevents launching or termination of an instance until previous ones are completed.
What is Amazon S3 Transfer Acceleration for?
To improve the speed and reliability of file transfers over long distances or across networks that are subject to high latency or network congestion.
Why would you install a unified CloudWatch agent?
To simplify the process of collecting and monitoring logs and custom metrics from EC2 instances and on-premises servers.
When is the EC2 launch type best suited?
When there is a requirement of consistent high CPU and memory for container-based applications.
When is the Fargate launch type a better choice than EC2?
When you don't want to worry about the underlying infrastructure.
When should you enable detail monitoring in CloudWatch?
When you need more granular visibility and insights into the performance and behavior of your AWS resources.
When would you use bridge networking mode for ECS tasks?
When you need to allow multiple containers to communicate with each other on the same virtual network interface.
When should you use append_config in an agent configuration file?
When you need to ensure that all log data is retained and that no data is lost due to overwriting.
When should you use a Principal element in your bucket policy?
When you need to grant or deny access to AWS resources based on the identity or role of the entity requesting access. The Principal element is a fundamental component of IAM policies and is essential for managing access to your AWS resources.
When would you use awsvpc networking mode for ECS tasks?
When you need to have more control over the networking configuration of your containers. This includes things like security control, IP address management, and performance optimization.
When should you use a condition element in your bucket policy?
When you need to implement fine-grained access control policies for your AWS resources, based on specific conditions or constraints. These conditions can include restricting access to a specific IP address range, time of day, or source of the request (such as an AWS service). It can also implement multi-factor authentication.
When should you use Multipart upload?
When you need to reliably and quickly upload large files to S3
When would you use host networking mode for ECS tasks?
When you want to have direct access to the host machine's network stack, like for high-performance applications, legacy applications, and network debugging.
When should you call ApproximateNumberOfMessagesVisible?
When you want to measure the number of messages available for retrieval. This can be used to decide the queue length.
When should you call ApproximateNumberOfMessagesNotVisible?
When you want to measure the number of messages in flight. This can be useful for monitoring the health and performance of message processing systems in SQS.
When should you call NumberOfMessagesReceived?
When you want to measure the performance of the message processing system.
When should you call NumberOfMessagesDeleted?
When you want to monitor the successful completion of message processing tasks and ensure they are properly removed from the queue after processing.
When are Local Zones a better choice than Outpost?
When you want to run your applications in a specific metropolitan area.
When should you move an EC2 instance into standby mode?
When you want to temporarily stop it for maintenance or other operational reasons, but you want to preserve its data and configuration
what url would you use to retrieve image ID for all your EC2 instances?
meta-data/ami-id
When should you build a search catalog?
As a more efficient replacement to LIST operations.
What is Amazon KMS?
Amazon Key Management Service is used to create and manage encryption keys, control access to those keys, and audit key usage to demonstrate compliance with regulations.
What does Amazon ECS stand for? What is it used to do?
Elastic Container Service makes it easy to run and manage Docker containers at scale. It handles the scaling, load balancing, and availability of those containers.
What does ENA stand for and what does it do?
Elastic Network Adapter. It is a network interface that provides high throughput and low-latency networking for Amazon EC2 instances.
