AWS Cloud Practitioner Ultimate Guide
What is CloudWatch?
Can monitor AWS resources such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB instances, as well as custom metrics generated by your applications and services, and any log files your applications generate. Think of it like a trainer at the gym!! provides you with data and actionable insights to monitor your applications, understand and respond to system-wide performance changes, and get a unified view of operational health.
What is AWS Organization
Consolidated billing Consolidate multiple AWS accounts into an organization that you create and centrally manage Limit of 20 accounts for consolidated billing!!
What is AWS Organizations?
Consolidated billing, and multiple organization account. Helps you centrally govern your environment as you grow and scale your workloads on AWS. It does not view the spending distributions.
You need to track your AWS costs on a detailed level. Which tool will allow you to do this?
Cost Allocation Tags: A tag is a label that you or AWS assigns to an AWS resource. Each tag consists of a key and a value. For each resource, each tag key must be unique, and each tag key can have only one value. You can use tags to organize your resources, and cost allocation tags to track your AWS costs on a detailed level. After you activate cost allocation tags, AWS uses the cost allocation tags to organize your resource costs on your cost allocation report to make it easier for you to categorize and track your AWS costs
You have a MySQL database that you want to migrate to the cloud, and you need it to be significantly faster there. You are looking for a speed increase up to 5 times the current performance. Which AWS offering could you use? A-DynamoDB B-Amazon RDS MySQL C-Elasticache D-Amazon Aurora
D-Amazon Aurora Amazon Aurora is a MySQL and PostgreSQL compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost effectiveness of open source databases. It's up to 5x faster than standard MySQL databases and 3x faster than standard PostreSQL databases
You have joined a small company and inherited an AWS application built within the EC2 Classic network. Which Load Balancer will work with this application? A-Application Load Balancer B-None, the application needs to be upgraded. C-Network Load Balancer D-Classic Load Balancer
D-Classic Load Balancer Provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level. It is intended for applications that were built within the EC2 Classic network.
You have recently started using AWS and now need to launch a large number of instances in your VPC. You learn that this number exceeds the service limits for instances in a VPC. What can you do? A-Use Auto Scaling and the service limit can be exceeded. B- Upgrade your support plan to increase this service limit. C-There is nothing that can be done. Redesign based on a smaller number of instances. D-Contact AWS and request a service limit increase.
D-Contact AWS and request a service limit increase. Use the Limits page in the Amazon EC2 console to request an increase in the limits for resources provided by Amazon EC2 or Amazon VPC on a per-region basis
You are working with IAM and need to attach policies to users, groups, and roles. Which will you be attaching these policies to? A-Resources B-Entities C-Principals D-Identities
D-Identities Identities are the IAM resource objects that are used to identify and group. You can attach a policy to an IAM identity. These include users,groups, and roles.
You need to set up a virtual firewall for your EC2 instance. Which would you use? A-Subnet B-Network ACL C-IAM Policy D-Security Group
D-Security Group A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to 5 security groups to the instance.
A video production company uploads large video files to S3 buckets using multipart upload. To which AWS Cloud best practice does this adhere? A-Design for Failure B-Decouple your components C-Implement Elasticity D-Think Parallel
D-Think Parallel Multipart uploads use multithreading to upload large files to S3 buckets in parallel.
A retail company has EC2 On-Demand instances running to serve customer transactions. There is a set pattern of traffic where demand is high at two points in the day, but the instances sit idle for much of the day. What is a good way to optimize these resources? A-Write a script to stop instances when demand is low. B-Use an Elastic Load Balancer to scale out and in based on demand. C-Use reserved instances instead of on-demand instances. D-Use an Auto Scaling Group to scale out and in based on demand.
D-Use an Auto Scaling Group to scale out and in based on demand. The Auto Scaling Group can be used to scale out and scale in the instances as the demand dictates. This will save money and avoid having instances sitting idle for long periods of time.
What are Amazon's Managed Services?
EMR (Elastic MapReduce DynamoDB Lambda RDS Redshift CloudFront
Which AWS service is specifically designed to assist you in processing large data sets?
EMR- Elastic MapReduce
You are trying out AWS on a trial basis and need to deploy an application without having to configure servers. Which AWS service can you use?
Elastic Beanstalk: AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS.
AWS Trusted Advisor provide checks in 5 different categories. Which item is not one of those checks?
Elasticity: Although this is a valued concept in AWS, it is not one of the 5 checks provided in Trusted Advisor.
Which of the following are principles of sound cloud design?
Number of Requests Additional Storage Clock hours of server time
What is S3?
Provides developers and IT teams with secure, durable, highly scalable object storage. Easy to use, with a simple web services interface to store and retrieve any amount of data from anywhere on the web. Object Based Storage. Files can be from 0 Bytes to 5TB
A company needs to manage and automate tasks on large numbers of resources at one time. Which AWS feature can do this?
Resource Groups: You can use resource groups to organize your AWS resources. Resource groups make it easier to manage and automate tasks on large numbers of resources at one time.
What are the S3 storage options?
S3 Standard S3- Infrequently Accessed S3 One Zone- IA S3 Intelligent Tiering S3 Glacier S3 Glacier Deep Archive
What is the AWS service\feature that takes advantage of Amazon CloudFront's globally distributed edge locations to transfer files to S3 with higher upload speeds?
S3 Transfer Acceleration enables fast, easy and secure transfers of files over long distances between your client and S3 bucket
What is AWS Inspector?
Used for Inspecting EC2 instances for vulnerabilities
What is Cost Explorer?
Used to explore costs AFTER they are incurred lets you visualize, understand, and manage your AWS costs and usage over time. You can analyze your cost and usage data at a high level (e.g., total costs and usage across all accounts in your organization) or for highly specific requests.
You are working on two projects that require completely different network configurations. Which AWS service will allow you to isolate resources and network configurations?
Virtual Private Cloud Lets you provision a logically isolated section of the AWS Cloud where you can launch AWS Resources in a virtual network that you define
You are leading a pilot program to try the AWS Cloud for one of your applications. You have been instructed to provide an estimate of your AWS bill. Which service will allow you to do this by manually entering your planned resources by service?
With the AWS Pricing Calculator, you can input the services you will use, and the configuration of those services, and get an estimate of the costs these services will accrue. AWS Pricing Calculator lets you explore AWS services, and create an estimate for the cost of your use cases on AWS.
What is Amazon Aurora?
a MySQL and PostgreSQL compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost effectiveness of open source databases. It's up to 5x faster than standard MySQL databases and 3x faster than standard PostreSQL databases
What is AWS CodeStar?
a cloud based service for creating, managing and working with software development projects on AWS. You can quickly develop, build, and deploy applications on AWS.
What is AWS Snowball?
a data transport solution that accelerates moving terabytes to petabytes of data into and out of AWS using storage devices designed to be secure for physical transport. Customers can transfer up to 80 Terabytes per
What is AWS CodePipeline?
a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates. Automates the build, test, and deploy phases of your release process every time there is a code change, based on the release model you define. You can easily integrate with third-party services such as GitHub or with your own custom plugin
What does Amazon ElastiCache provide?
a web service that makes it easy to set up, manage, and scale a distributed in-memory data store or cache environment in the cloud. It provides a high-performance, scalable, and cost-effective caching solution, while removing the complexity associated with deploying and managing a distributed cache environment. can be used to significantly improve latency and throughput for many read-heavy applications (such as social networking, gaming, media sharing and Q&A portals) or compute-intensive workloads (such as a recommendation engine).
What are Amazon EC2 Dedicated Hosts?
allow you to use your eligible software licenses from vendors such as Microsoft and Oracle on Amazon EC2, so that you get the flexibility and cost-effectiveness of using your own licenses, but with the resiliency, simplicity, and elasticity of AWS. An Amazon EC2 a physical server fully dedicated for your use, so you can help address corporate compliance requirements
What is CloudFormation?
an automated provisioning engine designed to deploy entire cloud environments via a JSON script allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This gives you a single source of truth for your AWS and third party resources.
What is Network Load Balancer best suited for?
best suited for load balancing of Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and transport Layer Security (TLS) traffic where extreme performance is required. Operating at the connection level (Layer 4), Network Load Balancer routes traffic to targets within Amazon Virtual Private Cloud (Amazon VPC) and is capable of handling millions of requests per second while maintaining ultra-low latencies.
Amazon Kinesis
enables you to securely stream video from connected devices (IoT devices) to AWS for analytics, ML, playback and other processing
What is AWS X-Ray?
helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors. provides an end-to-end view of requests as they travel through your application, and shows a map of your application's underlying components.
What is AWS WAF?
helps protect your web applications from common web exploits that could affect application availability, compromise security or consume excessive resources a firewall that will inspect your web traffic and detect if there's any malicious things (Designed to STOP HACKERS) Layer 7 firewall
What is Auto Scaling?
it monitors your applications and automatically adjusts your capacity to maintain steady, predictable, performance at the lowest possible cost.
What is SQS? (Simple Queue Service)
offers a secure, durable, and available hosted queue that lets you integrate and decouple distributed software systems and components.
What is Virtual Private Cloud?
the service that allows a customer to create a virtual network for their resources in an isolated section of the AWS cloud.
What are the default security credentials that are required to access the AWS management console for an IAM user account?
username and password
What is AWS Pricing Calculator?
you can input the services you will use, and the configuration of those services, and get an estimate of the costs these services will accrue. lets you explore AWS services, and create an estimate for the cost of your use cases on AWS.
What tools can help you build loosely coupled applications?
SQS SNS Can be integrated together to decouple application components so that they run independently, increasing the overall fault tolderance of the application.
You have two Software systems that need to communicate, and you also need to ensure that messages are not lost between them. Which AWS service can help meet these requirements?
SQS: Amazon Simple Queue Service (Amazon SQS) offers a secure, durable, and available hosted queue that lets you integrate and decouple distributed software systems and components.
What is CloudTrail?
Service that enables governance, compliance, operational autidting, and risk auditing of your AWS account. Provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDK, Command Line toold, and other AWS Services. Monitors API calls in the AWS platform Auditing tool Can consolidate log data using an S3 bucket
What AWS Services can be used on premise?
Snowball Snowball Edge Storage Gateway CodeDeploy OpsWorks IoT Greengrass
What does the Business Support Plan Include?
$100/month Tech SUpport- 24/7, email+chat+phone Unlimited # of Contacts can open cases
What does the Enterprise Support Plan include?
$15k/month Tech SUpport- 24/7, email+chat+phone TAM Unlimited # of Contacts can open cases
What does the Developer Support Plan Include?
$29/month Tech Support- Business hour access via email 1 person can open unlimited # of cases
What are the EC2 price models?
- On-Demand: you pay by the hour - Reserved: 1-3 year terms. The longer the terms, the cheaper the price. Gives significant discount. - Spot: terminated by Amazon when they need the capacity. If Amazon kills it you don't pay the partial hours. If you terminate it you pay everything. this comes at a very cheap price. -Dedicated Hosts: Useful for regulatory requirements that may not support multi tenant. Can be purchased on demand
What are the 3 types of Cloud Computing?
1- IaaS 2-PaaS 3-SaaS
What are the pillars of Well Architected Famework?
1- Operational Excellence: The operational excellence pillar includes the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures. 2- Security: The security pillar includes the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies. 3- Reliability: The reliability pillar includes the ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues. 4- Performance Efficiency: The performance efficiency pillar includes the ability to use computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve. 5- Cost Optimization: The cost optimization pillar includes the ability to avoid or eliminate unneeded cost or sub-optimal resources.
What are the 3 types of cloud deployment?
1-Public Cloud 2-Hybrid 3-Private Cloud
What are the 6 advantages of Cloud Computing?
1-Trade Capital expense for variable expense 2-Benefits from massive economies of scale 3-Stop guessing about capacity 4-Increase speed and agility 5-Stop spending money running and maintaining data centers 6-Go global in minutes
What does the Basic Support plan include?
24x7 access to customer service AWS Trusted Advisor AWS Personal Health Dashboard
What is AWS Lambda?
A code execution service Run code without provisioning or managing servers. You only pay for the compute time you consume
What is Amazon API Gateway?
A fully managed service that makes it easy for developers to create, pulish, maintain, monitor and secure API's at any scale. API's act as the "front door" for applications to access data, business logic, or functionality from your backend services
What is an Internet Gateway?
A horizontally scaled redundant, and highly available VPC component that allows communication between your VPC and internet Serves 2 Purposes- 1-provide a target in your VPC route tables for internet routable traffic 2-perform network addres translation (NAT) for instances that have been assigned public IPv4
What is Amazon GuardDuty?
A threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads. With the cloud, the collection and aggregation of account and network activities is simplified, but it can be time-consuming for security teams to analyze event log data for potential threats continuously. It does not provide a testing mechanisms for IAM policies.
After experiencing unusual behavior in your AWS account, you need to determine if there are any issues with AWS that may be affecting your account? A-AWS Personal Health Dashboard B-AWS CloudWatch C-AWS SNS D-AWS Service Health Dashboard
A-AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you.
A network security team has noticed some malicious activity on the company AWS account. Which AWS service can be used to detect malicious activity and help protect the account? A-Amazon GuardDuty B-AWS Inspector C-AWS Shield D-Amazon Macie
A-Amazon GuardDuty GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads.
You need to visualize, understand, and manage your AWS costs and usage over time. Which AWS tool would you use? A-Cost Explorer B-CloudWatch C-AWS Cost and Usage Report D-Trusted Advisor
A-Cost Explorer Lets you visualize, understand, and manage your AWS costs and usage over time. You can analyze your cost and usage data at a high level or specifics
Several EC2 instances in a public subnet need internet access. Which will you configure as one step in granting internet access? A-Internet Gateway B-NAT Gateway C-API Gateway D-VPC Peering
A-Internet Gateway An internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet.
You have two Software systems that need to communicate, and you also need to ensure that messages are not lost between them. Which AWS service can help meet these requirements? A-SQS B-CloudWatch C-SES D-SNS
A-SQS Simple Queue Service (SQS) offers a secure, durable, and available hosted queue that lets you integrate and decouple distributed software systems and components.
What is the AWS tool that enables you to use scripts to manage all AWS services and resources?
AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.
A small startup is configuring its AWS cloud environment. Which AWS service will allow grouping these users together and applying permissions to them as a group?
AWS IAM: AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
A small software company is starting to work with the AWS Cloud. Which service will allow them to find, test, buy, and deploy software that runs on AWS?
AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS
What is AWS Personal Health Dashboard?
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you. While the Service Health Dashboard displays the general status of AWS services, Personal Health Dashboard gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources. **Detailed Troubleshooting Guidance: **Proactive Notifications: **A personalized View of Service Health:
A financial company needs to migrate large amounts of data, at a peta-byte scale, to AWS. Which AWS service can perform this type of migration?
AWS Snowball: Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS cloud. Using Snowball addresses common challenges with large-scale data transfers including high network costs, long transfer times, and security concerns.
What is CloudFront?
AWS's CDN service. System of distributed servers that deliver webpages and other web content to a user based on the geographic locations of the user, the origin of the webpage and a content delivery server
What is the primary storage service used by Amazon RDS database instances?
Amazon EBS DB instances for Amazon RDS for MySQL, MariaDB, PostgreSQL, Oracle, and Microsoft SQL Server use Amazon Elastic Block Store (Amazon EBS) volumes for database and log storage. EBS volumes are performant for your most demanding workloads, including mission-critical applications such as SAP, Oracle, and Microsoft products. Amazon EBS scales with your performance needs, whether you are supporting millions of gaming customers or billions of e-commerce transactions.
What are AWS Shared Controls?
Apply to both the infrastructure layer and customer layers but in completely separate context or perspectives. Examples: Patch Mgmt Configuration Mgmt Awareness and Training
Microsoft has announced a new patch for its operating system on an AWS service you use as platform as a service. Within the Shared Responsibility Model, who needs to apply this patch? A-Customer B-AWS C-The customer for spot instances only. D-Either can apply this patch.
B-AWS Customer is only responsible for patching the guest OS, not the host OS.
You need to store key-value pairs of users and their high scores for a gaming application. Which is the best option for this type of data? A-Amazon RedShift B-DynamoDB C-AWS S3 D-RDS MySQL
B-DynamoDB DyanmoDB is ideally suited for storing key-value pairs as it is a key-value and document database that delivers single digit millisecond performance at any scale
An application that experiences highly variable traffic throughout the day has been configured in AWS. The capacity configured to serve this application adjusts to demands throughout the day. Which AWS principle does this describe? A-Viscosity B-Elasticity C-Durability D-High Availability
B-Elasticity The ability to acquire resources as you need them and release resources when you no longer need them.
In Identity and Access Management, which term refers to the IAM resource objects that AWS uses for authentication? A-Identity B-Entity C-Principal D-Resource
B-Entity
You are creating a few IAM policies. This is the first time you have worked with IAM policies. Which tool can you use to test IAM policies? A-Amazon Inspector B-IAM Policy Simulator C-Amazon GuardDuty D-CloudWatch
B-IAM Policy Simulator With IAM Policy Simulator you can test and troubleshoot identity-based policies, IAM permissions boundaries, Organizations service control policies, and resource based policies
After configuring your VPC and all of the resources within it, you want to add an extra layer of security at the subnet level. Which will you use to add this security? A-Security Group B-Network ACL C-IAM D-Private IP Address
B-Network ACL A Network Access Control List (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets.
You have upgraded your AWS support plan to the Business support level. What is true of the Business Support Plan? A-Fifteen minute support on production system failure. B-One hour support on production system failure. C-Twenty-four hour support on production system failure. D-15-minute response time support if your business-critical system goes down.
B-One hour support on production system failure.
A company needs to manage and automate tasks on large numbers of resources at one time. Which AWS feature can do this? A-Tagging B-Resource Groups C-IAM Groups D-IAM
B-Resource Groups You can use Resource Groups to organize your AWS resources. Resource groups make it easier to manage and automate tasks on large numbers of resources at one time.
You have infrequently accessed data in S3 buckets that you want to transfer to Glacier. What can you use in AWS to do this? A-Cross Origin Resource Sharing (CORS) B-S3 Lifecycle Policy C-Bucket Policy D-Database Migration Service
B-S3 Lifecycle Policy You can add rules in an S3 Lifecycle configuration to tell Amazon S3 to transition objects to another Amazon S3 storage class.
You want to group together EC2 instances and manage them as a group. One thing you want to do is issue commands remotely to these instances. Which AWS service will you use? A-Auto Scaling B-Systems Manager C-CloudFormation D-Load Balancing
B-Systems Manager Lets you remotely and securely manage the configuration of your managed instances. A managed instance is any EC2 instance or on-premise machine in your hybrid environment that has been configured for Systems Manager
What is Amazon Athena?
Interactive query service which enables you to analyze and query data located in S3 using standard SQL Serverless
What are spot instances?
Bid for unused EC2 capacity. Prices set by Amazon, fluctuate depending on the supply and demand for capacity.
A software development team has begun using the AWS Developer Tools Suite. Which service will enable creating, managing, and working with software development projects on AWS? A-AWS CodeBuild B-AWS CodeDeploy C-AWS CodeStar D-AWS CodeCommit
C-AWS CodeStar CodeStar is a cloud based service for creating, managing and working with software development projects on AWS.
A small startup is configuring its AWS cloud environment. Which AWS service will allow grouping these users together and applying permissions to them as a group? A-Tagging B-AWS Organizations C-AWS IAM D-Resource Groups
C-AWS IAM Enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources
A gaming company is using the AWS Developer Tool Suite to develop, build, and deploy their applications. Which AWS service can be used to trace user requests from end-to-end through the application? A-CloudWatch B-CloudTrail C-AWS X-Ray D-AWS Inspector
C-AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture
You are storing sensitive employee information in an S3 Bucket. What can you use to give bucket access only to authorized personnel? A-Login and password B-Network Access Control List C-Bucket Policy D-Access Keys
C-Bucket Policy S3 bucket policies specify what actions are allowed or denied for which principles on the bucket that the bucket policy is attached to.
A development team has created a large amount of CloudFormation templates in the JSON format. Which AWS database can store these documents? A-Amazon RedShift B-Amazon Aurora C-DynamoDB D-AWS MySQL
C-DynamoDB The latest DynamoDB update added support for JSON data, making it easy to store JSON documents in a DynamoDB table while preserving their complex and possibly nested shape.
You need an AWS service that can identify objects, people, text, scenes, and activities in images and videos. Which service would you choose? A-CloudSearch B-CloudWatch C-Rekognition D-AWS Inspector
C-Rekognition Rekognition makes it easy to add images and video analysis to your applications using proven, highly scalable, deep learning technology that requires no ML expertise
After creating an EC2 instance to host an application, the traffic to the site far exceeds what was expected. You decide to move to a larger instance type. What AWS principal does this represent? A-Horizontal Scaling B-Elasticity C-Vertical Scaling D-Durability
C-Vertical Scaling The increasing in the size and computing power of a single instance or node without increasing the number of nodes or instances.
Which AWS service can you use to connect your AWS cloud with an on-premises data center? A-VPC Peering B-Internet Gateway C-Virtual Private Gateway D-IAM
C-Virtual Private Gateway This scenario describes a hybrid environment. A virtual private gateway is a logical, fully redundant distributed edge routing function that sits at the edge of your VPC.
What is Rekognition?
Makes it easy to add images and video analysis to your applications using proven, highly scalable, deep learning technology that requires no ML expertise Automates your image and video analysis with Machine Learning You can identify obkects, people, text, scenes, and activities in images and videos as well as detect any inappropriate content
What is AWS Shield?
Focuses solely on Distributed Denial of Service (DDoS) attacks. it is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. Provides always-on detection and automatic inline mitigations that minimize application downtime and latency, so there is no need to engage AWS Support to benefit from DDoS protection. There are two tiers of it--Standard and Advanced.
What is Amazon Macie?
Fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS S3. Can also be used to analyze CloudTrail logs for suspicious API activity
What is Amazon Redshift?
Fully managed data warehouse service that allows you to run complex analytic queries against petabytes of structured data using standard SQL & existing BI tools
What is Amazon SNS? (Simple Notification Service)
Fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, & server less apps
What is AWS Budgets?
Gives you the ability to set custom budgets that alert you when your costs or usage reach a budgeted amount Used to budget costs BEFORE they have been incurred
A Healthcare agency needs to store certain patient information for up to 10 years. To save cost, they want to archive this data to cheaper storage. The data needs to be retrieved within 12 hours. Which is the cheapest option?
Glacier Deep Archive: meets the requirement and is the cheapest option. Amazon S3 Glacier and S3 Glacier Deep Archive are a secure, durable, and extremely low-cost Amazon S3 cloud storage classes for data archiving and long-term backup. They are designed to deliver 99.999999999% durability, and provide comprehensive security and compliance capabilities that can help meet even the most stringent regulatory requirements.
Which AWS services are global?
IAM Route5 CloudFront SNS SES
Using Amazon EC2 falls under which of the following cloud computing models?
IaaS
You are working with IAM and need to attach policies to users, groups, and roles. Which will you be attaching these policies to?
Identities: Identities are the IAM resource objects that are used to identify and group. You can attach a policy to an IAM identity. These include users, groups, and roles.
