AWS Extra Information

If there's ever a permanent circle of doom, it is always a:

Security group issue

______________ can be applied to multiple instances

Security Groups

Starting an application/script when an instance first launches is called ____________

Bootstrapping

An ____________ cannot attach to more than 1 EC2 Instance at a time and is locked to a specific availability zone

Elastic Block Store (EBS).

An ___________ can be attached to multiple EC2 Instances at a time and can be mounted on instances across multiple availability zones, regions, & VPC’s

Elastic File System (EFS)

In ______________ Encryption, the ________ encrypts the file AFTER receiving it

Server-Side / Server

In ______________ Encryption, the ________ encrypts the file BEFORE uploading it

Client-Side / Client

If any part of the exam mentions an in-memory database, the answer is __________

ElastiCache

Questions mentioning "Serverless" or "low-latency", the answer is probably ____________

DynamoDB

If any part of the exam mentions a Hadoop cluster, the answer is

Elastic Map Reduce (EMR)

____________ is AWS's proprietary version of GitHub.

CodeCommit

Anytime you see CDN or EDGE LOCATIONS on the exam, think of _____________!

CloudFront!

If any of the exam mentions an decouple / decoupling, the answer is ____________________

Simple Queue Service (SQS)

________________ is just AWS Single Sign-On (SSO)

AWS IAM Identity Center

If the question mentions GraphQL, the answer is probably _____________

AWS AppSync

The cheapest Backup Strategy is ______________

Backup & Restore

__________ is a forum.

AWS re:Post

Always correlate _______________ with Edge Locations (improves performance around the world for end-users, especially users in EDGE LOCATIONS!!!)

Amazon CloudFront

___________ CANNOT track configuration changes

Amazon Inspector

Any AMI you use must be in ____________ as your EC2 instance

The same region

_____________ is a governance and security service that acts as a continuous "security camera" for your AWS account

AWS CloudTrail

______________________ configuration enhances database scalability

Amazon RDS with Read Replica

General advice, if the question mentions multiple AWS accounts, the answer is probably _______________

AWS Organizations

___________ in MFA is a USB.

A U2F / FIDO key

_________________________________ have data encryption automatically enabled

CloudTrail Logs, Amazon S3 Glacier & AWS Storage Gateway

The Operational Excellence Pillar of the Well Architected Framework recommends maintaining ______________________

infrastructure as code (IaC)

There is a __________ minimum charge for Linux based EC2 instances, even though it is typically charged per-second.

One-minute

Data warehousing ALWAYS EQUALS _________

Redshift

For the AWS VPC Service: ____________________is managed by AWS

A NAT Gateway

For the AWS VPC Service:

A Security Group can ______________________

Only have allow rules.

Amazon EC2 _______________ provide a physical server dedicated entirely to a single customer's use.

Dedicated Hosts

AWS Shield Advanced provides DDoS Protection for web apps running in ___________________________________

AWS Global Accelerator, Amazon Route 53, Amazon CloudFront, AND Amazon EC2

Only _______________ support VPC Gateway Endpoint for a private connection from a VPC

DynamoDB & S3

You can use ____________ to receive alerts when your Reserved Instance (RI) or Savings Plans utilization falls below a defined threshold

AWS Budgets

A normal Firewall operates at Layer _________

Layer 4

A Web Application Firewall (WAF) operates at Layer __________

Layer 7

In order for an AWS account to be removed from AWS organizations, it must be able to ______________________

Operate as a standalone account

Highest possible discount for spot instances is _____

90%

In AWS, transferring data between an Amazon EC2 instance and an Amazon S3 bucket within the same AWS Region is _______________

Free of charge.

In regards to scaling, Fault Tolerance is achieved by a ___________ operation

Scale Up

Each AWS Region has a minimum of _______________________________________

3 AZ's and 1 or more discrete data centers

If a question mentions vulnerabilities, it is PROBABLY _______________

Amazon Inspector

AWS Storage Gateway supports these gateway types:

Tape Gateway, File Gateway, & Volume Gateway

A WAF has the ability to block _______________, therefore blocking ________________ as well.

Certain IP addresses / Certain geographic areas

CloudTrail tells you _____________________

"Who did what, and when"

AWS Config tells you __________________________________________

"How resource is configured / track resource configuration changes".

The ______________ Support Plan includes a designated Technical Account Manager (TAM)

ENTERPRISE

Unlike traditional relational databases, __________________ does not require a predefined schema (Hence why it is highly flexible)

Amazon DynamoDB

_______________ can tracks resource utilization (like EC2 CPU usage) and triggers an alert when the metric crosses a defined boundary (e.g., above 80%).

Amazon CloudWatch

A VPC spans __________ Availability Zone(s) in the Region

All of the

A subnet spans _________ Availability Zone(s) in the Region

Only one

The fundamental drivers of Cost in AWS are:

Compute, Storage, & Outbound Data Transfer

The AWS ___________ Support Plan is the cheapest option that provides 24x7 phone-based technical support

BUSINESS

______________________ is a networking service that improves the availability and performance of applications with global users by routing user traffic.

AWS Global Accelerator

__________________ is adding more resources (CPU, RAM, Storage, etc) to EXISTING RESOURCES

Vertical Scalability

__________________ is adding more servers to an existing infrastructure

Horizontal scaling

____________ optimizes and speeds up files being uploaded or downloaded into S3.

Amazon S3 Transfer Acceleration (S3TA)

______________ offers protection against higher fees that could result from a DDoS attack

AWS Shield Advanced

Mandatory elements of an IAM policy include ______ and ______

EFFECT / ACTION

Highest possible discount for reserved instances is _____

72%

AWS Auto Scaling Groups (ASG's) scale ____________

Horizontally (they add/remove EC2 instances depending on workload)

Amazon CloudWatch billing metric data is always stored in this region:

US-East-1 (Northern Virginia)

! The Amazon S3 storage class that offers the lowest availability is ________________________________

S3 One Zone-Infrequent Access (S3 One Zone-IA)

AWS _______________________ can check for the presence of SQL code that is likely to be malicious (known as SQL injection)

Web Application Firewall (AWS WAF)

This is best-suited for TCP, UDP, and TLS traffic (Layer 4 Traffic) :

Network Load Balancer (NLB)

This is best-suited for content-based routing (HTTP, HTTPS, etc) (Layer 7 Traffic) :

Application Load Balancer (ALB)

Reserved Instance (RI) pricing is available for _____________ & ____________

Amazon EC2 & Amazon RDS

These S3 storage classes do not charge any data retrieval fee:

S3 Standard & S3 Intelligent-Tiering