AWS
Which of the following are criteria affecting your billing for RDS (3)
- Additional storage -Number requests -Clock hours of server time
What are some characteristics of consolidated billing
- Multiple standalone accounts are combined and may reduce your overall bill - A single bill issued containing the charges of all AWS accounts - account charges can be tracked individually
What are two services should you use if you'd like to be notified when you have crossed a billing threshold
-AWS budgets -CloudWatch
Which of the following are principles of sound cloud design?
-Assume everything will fail -disposable resources -Scalability -Infrastructure as code
Which of the following is not a fundamental AWS charge
-Data in
Which of the following are AWS compute services
-EC2 -Lambda
Which of the following AWS services are free to use
-IAM -CloudFormation -Auto-Scaling -Elastic Beanstalk -VPC
Which of the following are valid EC2 pricing options
-on demand -reserved
What is the availability and durability of an S3 storage class
99.999999999% durability and 99.99% availability
Which of the following best describes a Resource Group
A resource group is a collection of resources that she one or more tags for portions of tase
A company uses Chef on-premises to manage server configuration. Which managed service can they use on AWS so they don't need to change tooling?
AWS OpsWorks
Which of the following is AWS managed Ddos protection service
AWS Shield
Provides a personalized view of events that could effect your systems
AWS personal health dashboard
This service can be used to provide an approved catalog of services and applications that users can launch
AWS service catalog
If you want in-depth details on how to create, manage and attach IAM access policies to IAM users, in what AWS resource should you look?
AWS service documentation
What is a security group
Acts as a virtual firewall for your EC2 instance that controls inbound and outbound traffic Only has a checkpoint for going into the EC2 instance (if you go in you can go out )
Which storage service is used by Amazon EC2 instances for the root volume?
Amazon Elastic Book Store (EBS)
Which service allows you to run Docker containers on AWS?
Amazon Elastic Container Service
Which service is good for running compute workloads for people who don't have technical expertise with AWS?
Amazon Lightsail
What of the following AWS services is designed with native Multi-AZ fault tolerance in mind
Amazon S3, Amazon Dynamo DB
Which of the following is AWS's managed database service that is up to 5X faster than a traditional MySQL database
Aurora
The concept of elasticity is most closely associated with which of the following
Auto Scaling
Derek is running a web application and noticing that he's paying for way more server capacity than is required. What AWS features should Derek set up and configured to ensure that his application is automatically adding/removing server capacity to keep in line with the required demand
Auto scaling
Which support plans feature a <4 hour response time in the event of an impaired production system
Business
What AWS service uses Edge Locations for content Caching
Cloud Front
What AWS service has built in DDoS mitigation
CloudFront
what AWS service used edge locations for content Caching
CloudFront
What AWS service must you use if you want to configure an AWS billing alarm
CloudWatch
What are the three fundamentals of pricing in AWS?
Compute, storage, and outbound data transfer
Stephen is having issues tracking how much compute capacity his application is using. Ideally, he wants to track and have alarms for when CPU utilization goes over 70%. What should Stephen do to accomplish this?
Configure a CloudWatch alarm with an alarm threshold set to trigger when CPU utilization is greater than 70%
Which of the following AWS services should you use to migrate an existing database to AWS
DMS
Which AWS service is specifically designed to assist you in processing large data sets
EMR
What is biggest to smallest: AZ, edge locations, regions
Edge locations, availability zones, regions
True or False: It's safer to use Access Keys than it is to use IAM roles
False
True or False: The standard version of AWS Shield offers automated application (layer 7) traffic monitoring
False
True or False: With Consolidated billing, the paying account can make changes to any of the resources owned by a Linked Account
False
Which of the following is NOT an IAM security best practice?
Grant Most privilege
Thomas is managing the access rights and credentials for all the employees access to his company's AWS account. this morning he was notified that some of these accounts may have been compromised and he now needs to change the password policy and regenerate a new password for all users. What AWS service does Thomas need to use in order to accomplish this.
IAM
What acts as an address (like mailing address) for a web server located on a network
IP address
What is AWS serverless compute service
Lambda
What are Amazon Machine Images (AMIs) used for?
Launching an Amazon EC2 instance
What best describes the purpose of having many availability zones in each AWS reign
Multiple availability zones allow for duplicate and redundant compute and back up
Which pricing model is highly flexible with no long-term commitments or upfront payments?
On-Demand
Which of the following compliance certifications attests to the security of the AWS platform regarding credit card transactions
PCI DSS Level 1
What is AWS lightsail an example of
Platform as a service
What is AWS's data warehousing service
Redshift
Which IAM entity can be used to delegate permissions?
Role
What services has built in DDoS mitigation and/or protection
Route 53, Cloud Front, WAF(web application firewall, Elastic Load Balancing, VPCs and Security Groups
You need to host a file in a location that's publicly accessible from anywhere in the world. Which AWS service would best meet that need
S3
What is an EBS snapshot?
Snapshots are copies of EBS volumes that can be used as a backup
Matt is working on projects that involves converting an image format from .png to . jpg Thousands of images have to be converted; however, time is not really an issue and continual processing is not required. What type of EC2 buying option would be most cost effective for Matt to use.
Spot
AWS trusted advisor does not provide advice on which of the following
TCO (total cost of ownership)
What AWS service allows you to calculate the cost of using AWS vs an On Premise Data Center
TCO calculator
what is the term used to describe giving an AWS user only access to the exact services he/she needs to do the required job and nothing more.
The principle of least privilege
What does ARN stand for?
This is the correct answer, an Amazon Resource Name (ARN) is associated with entities such as users and groups
True or False: With AWS Organizations, you can use either just the Consolidated Billing feature, or all the offered features
True
If you are using an on-demand EC2 instance, how are you being charged for it?
You are charged per second, based on an hourly rate, and there are no termination fees
Amazon Opsworks
automates EC2 management and deployment using Chef and Puppet
To restrict access to an entire bucket what do you use
bucket policies
What is used to make entire buckets public
bucket policies
What is AWS Cloud9
cloud based IDE
Tracy has created a Web application placing its underlying infrastructure in the Virginia region. After several months Tracy notices that much of the traffic coming to her website is from Japan. What can Tracy do to best help reduce latency for her users in Japan.
create a CDN using cloudFront making sure the proper content is cashed at Edge locations closest to Japan
if an object is stored in the standard S3 storage class and you want to move to glacier what must you do in order to properly migrate it.
create a life cycle policy that will migrate it after a minimum of 30 days.
what is a NACL (network access control list)
firewall for one or more subnet (subnet is collection of EC2 instances) has two checkpoints - lets you go in and go out
to restrict access to an individual bucket what do you use
object policies
Which of the following are not valid CloudFormation template sections
options
What is AWS VPN
provides internet based site-to-site connection that lets you securely connect your on premise network to your Amazon VPC
Amazons analytical service
quicksight
True or false: a distribution is what we call a series of edge locations that make up a CDN
true
What is AWS Direct connect
uses dedicated private network connections between your on premise network or branch office site and Amazon VPC
What are the following are valid access types for an IAM user
using aws software developers kit programmatic access via the command line aws management console
