Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
52 Cards in this Set
- Front
- Back
Which offerings represent core AWS services? |
Compute, Networking, Storage, Database |
|
Describe the agility and flexibility value proposition of AWS. |
-Reducing time & cost of experimentation. -Getting content as close to the consumer as possible. -Overcoming geographical limitations. -Leveraging for rapid deployment, testing, experimentation, and innovation. |
|
Describe Cloud Computing |
The on-demand delivery of compute power, database, storage, applications, and other IT resources through an online provider platform. |
|
What is the most important value proposition for most AWS customers? |
Cost |
|
On a scale of 100 to 1000, what score do you need to pass the AWS Cloud Practitioner exam? |
700 |
|
What cloud service type offers the basic components for cloud information technology by giving the consumer access to networking infrastructure, virtual or dedicated server computing, and data storage space? |
Infrastructure as a Service |
|
What is the AWS security triad? |
- Key Management Service (KMS) - Infrastructure security - Identity and Access Management (IAM) |
|
What is a method for connecting infrastructure and applications between AWS Cloud-based resources and other resources that reside on-site or at a co-location site? |
Hybrid deployment |
|
How does AWS perform verification when setting up a new account? |
SMS text code |
|
What service is most closely aligned to the elasticity value proposition at AWS?
Elastic load balancing Serverless computing Auto-scaling Containers |
Auto-scaling
|
|
What is the new name of the traditional AWS TCO Calculator?
AWS Shield Trusted Advisor Estimate Exports AWS Pricing Calculator |
AWS Pricing Calculator
|
|
Which of these are a part of the “Pay As You Go” aspect of the AWS pricing model?
1. You will only incur fees for the actual resources and services that your enterprise uses 2. You will only pay for the specific services that you need
3. You reduce risks of over-positioning or missing capacity 4. You can save up to 75% over similar demand by reserving capacity 5. When your enterprise pays a higher upfront fee, you will enjoy a better discount 6. You only pay for the time that you are utilizing services |
1, 2, 3, 6 You will only incur fees for the actual resources and services that your enterprise uses. You will only pay for the specific services that you need. You reduce risks of over-positioning or missing capacity. You only pay for the time that you are utilizing services. |
|
What is deployed the most by organizations on AWS?
Mission-critical workloads Disaster recovery solutions Blob storage Agile developers |
Mission-critical workloads |
|
Which of these is NOT a part of the free-tier model?
12 Months Free Always free Basic support plan Free trials |
Basic support plan
|
|
What organization placed AWS in the “Magic Quadrant for Cloud Infrastructure as a Service, Worldwide” Leaders quadrant?
Gartner IDC Accenture |
Gartner
|
|
What is the new title of the traditional AWS cost calendar?
Savings Plans Cost and Usage Report Cost Categories Cost Explorer |
Cost Explorer
|
|
What is the software that produces and manages a virtual infrastructure, allowing multiple operating systems to run and share resources on a single physical machine?
VPC Container Virtualizer Hypervisor |
Hypervisor
|
|
Which type of risk treatment is best represented by the hybrid cloud deployment model?
Acceptance Transference Reduction Avoidance |
Transference
|
|
Which core service offers Linux virtual machines and applications?
Networking Storage Compute Database |
Compute
|
|
Which of these represent the client responsibility in the AWS shared model?
Hypervisor server blades Content stored on AWS Client-side encryption Format and structure of data The country where the data is stored Data center security |
Content stored on AWS
Client-side encryption Format and structure of data The country where the data is stored |
|
Which of these actions can only be performed by the root account user?
Programmatically access an AWS service Change from credit card to direct billing Sign up for GovCloud Change the root user password Create an IAM group and users Change the support plan |
Change from credit card to direct billing
Sign up for GovCloud Change the root user password Change the support plan |
|
How does AWS refer to a custom user-defined virtual private cloud? Template VPC Non-default VPC Cloud Formation VPC Custom VPC |
Non-default VPC |
|
What is a master component for the creation of virtual servers (EC2 instances) in the Amazon Web Services (AWS) environment?
AMI IAM AWS VPC |
AMI
|
|
What networking component running on the AWS infrastructure would you deploy to allow instances in a private subnet to connect to the internet or other AWS services, but prevent the internet from initiating a connection with those instances?
NAT gateway Jump host Bastion server Transit gateway |
NAT gateway
|
|
What would a Windows instance use to securely connect to an S3 bucket over the AWS global infrastructure?
Site-to-Site VPN VPC peering Interface endpoint Gateway endpoint |
Gateway endpoint |
|
Which of these benefits would apply to PCI-DSS regulations for an AWS customer that deals with credit and bank cards?
- Scale rapidly and securely - Lower total cost of ownership - Adhere to compliance mandates - Assurance that data is durable and safe |
- Adhere to compliance mandates
|
|
Which of the compliance regulations relates to the Americas specifically?
PCI DSS SOC 1/ISAE 3402 ISO 27001 FedRAMP |
FedRAMP
|
|
What is a console-based, on-demand self-service auditing object retrieval service that offers quick and easy access to AWS compliance documentation and agreements?
|
Artifact |
|
Which CSA level deals with STAR Self-assessment?
|
STAR Level 1 |
|
What is a repository of frequently used resources and processes needed to perform compliance responsibilities on AWS?
GuardDuty Artifact AWS Inspector Compliance Solutions Guide |
Compliance Solutions Guide
|
|
What is the default password length in AWS IAM?
10 5 6 8 |
8 |
|
What are IAM policies most often applied to? Groups Users Instances Subnets |
Groups |
|
How many managed policies can be applied to an entity in AWS? 5 12 10 6 |
10 |
|
Which of these statements is true regarding an IAM role? It is an identity that has an assigned permission It is often assumed by a user or service It offers a set of permanent credentials It can be applied to an application It is often used to give access to identities outside of AWS It applies long-term credentials like passwords or keys |
It is an identity that has an assigned permission
It is often assumed by a user or service It can be applied to an application It is often used to give access to identities outside of AWS |
|
What is a hardened system whose goal is to offer secure access to a private network from an external network like the Internet?
|
Bastion |
|
What is the default CLI output format in AWS?
Text JSON Table YAML |
JSON |
|
What AWS service lets you quickly, easily, and securely deploy sign-up and sign-in features to mobile and web apps? Appstream Cognito IAM SAML |
Cognito |
|
Identify aspects of AWS Cloud Economics.
|
a. Trade capital expense for variable expense
b. Benefit from massive economies of scale c. Stop guessing capacity d. Increase speed and agility e. Improve security f. Go global in minutes g. Possibility of reducing costs |
|
List the different cloud architecture design principles.
|
a. Scaling
b. Availability c. Automation d. Monitoring e. Security |
|
Define the AWS Cloud and its value proposition.
|
Cloud computing is the on-demand delivery of compute power, database storage,applications, and other IT resources through a cloud services platform via the internetwith pay-as-you-go pricing.
|
|
Define the AWS Shared Responsibility Model.
|
- AWS is responsible for the OF the cloud (datacenters, physical security, hardware networking,etc.)
- Customer is responsible for everything that goes IN the cloud (data, encryption, IAM, software,etc.) - It is crucially important to understand which components and parts of AWS are yourresponsibility for each service. For example, with EC2 you maintain control over the OS, whereas with RDS, AWS is responsible for the OS. The Shared Responsibility model will showup heavily on the exam. Additional details are available on the AWS website in form of variousdocumentation. |
|
Define AWS Cloud security and compliance concepts.
|
1. Concept of least-privilege-access means everyone has the least amount of access needed toperform their roles. Use the IAM service to set up permissions.
2. Always protect external facing resources such as S3 buckets. 3. Use encryption at-rest and in-transit. |
|
Identify AWS access management capabilities.
|
1. IAM – Identity and Access Management gives you the ability to define permissions for accessfor users, groups or roles.
2. Can be used in conjunction with on-premises services like Active Directory or cloud-hostedactive-directory |
|
Identify the core AWS services.
|
- Compute - Storage - Database - Networking - Migration - Management tools |
|
What is EC2? |
EC2 is a web service thatprovides secure, resizable compute capacity in the cloud. |
|
What is S3? |
Amazon Simple Storage Service (Amazon S3) is an object storage servicethat offers industry-leading scalability, data availability, security, andperformance. This means customers of all sizes and industries can use it tostore and protect any amount of data for a range of use cases, such aswebsites, mobile applications, backup and restore, archive, enterpriseapplications, IoT devices, and big data analytics. Amazon S3 provides easy-touse management features so you can organize your data and configure finelytuned access controls to meet your specific business, organizational, andcompliance requirements.
|
|
True or False? A Region is a geographically distinct location in the world with multiple Availability zones. |
True. |
|
What is an Availability zone? |
One or more discrete datacenters. |
|
Edge location |
An edge location is a site that Amazon CloudFront uses to store cached copies of your content closer to your customers for faster delivery. |
|
True or False? Each Region has at least three AZs. |
False |
|
What is the latency between AZs? |
10ms |
|
Which statement best describes an Availability Zone? a. A geographical area that contains AWS resources b. A single data center or group of data centers within a Region c. A data center that an AWS service uses to perform service-specific operations d. A service that you can use to run AWS infrastructure within your own on-premises data center in a hybrid approach |
b. A single data center or group of data centers within a Region |